Hi @Bevan!
Yes, this is correct. You can generate a different WOPI hostname and see from the logs (at least information level, if not debug) that it gets blocked without attempting to communicate with it. This test hostname doesn’t need to be real or (if it is) owned by you, it just has to be excluded from the config.
Feel free to report back if you uncover any issues.
Thanks!