Your SAML Service Provider (SP) will likely be running as part of an HTTPS web site.
The SP is usually configured to trigger a SAML authentication when a specific path is requested, for example /login/shib-sso/shibboleth.
It is common for web servers to respond to any request that comes in. In the case of a SAML SP, this means that in addition to expected URLs:
https://myservice.myorg.edu/login/shib-sso/shibboleth
or
https://anotherservice.myorg.edu/mellon
they will also trigger a SAML authentication when requests come in for, for example, the literal IP address:
https://34.56.78.90/login/shib-sso/shibboleth
These URLs are typically used by bad actors (script kiddies, etc.), and can cause excessive resource consumption, both on your SAML SP and on the configured IdP.
To avoid this, you can configure your web server so that it only serves traffic for sites that it knows about.
In practice, this is done by setting up a dedicated default virtual host that will respond to any requests that the web server does not know about.
This default virtual host should be configured to not trigger any SAML authentication, and just respond with something very simple.
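One way to set this up, shown as an added example for Apache httpd 2.4 (not configuration taken from this page). The server name default.invalid, the certificate paths and the file name 000-default.conf are placeholders, and the Shibboleth block in the second virtual host only stands in for your existing SP configuration.

```apache
# Added example. Host names, file names and certificate paths are placeholders.

# 1. Catch-all virtual host.
#    Apache treats the first <VirtualHost> defined for an address:port as the
#    default, so this block must be loaded before all others (for example from
#    a file that sorts first, such as 000-default.conf).
<VirtualHost *:443>
    ServerName default.invalid

    SSLEngine on
    # Placeholder certificate that names none of your real services.
    SSLCertificateFile    /etc/ssl/certs/default-placeholder.pem
    SSLCertificateKeyFile /etc/ssl/private/default-placeholder.key

    # No SAML directives in this virtual host.
    # Every path, including /login/shib-sso/shibboleth, gets a plain 404.
    Redirect 404 /

    # If mod_auth_mellon is loaded, state explicitly that it is inactive here
    # ("off" is also the module default).
    <IfModule auth_mellon_module>
        <Location />
            MellonEnable "off"
        </Location>
    </IfModule>
</VirtualHost>

# 2. The real service. Only requests whose host name matches ServerName
#    reach this block and can trigger a SAML authentication.
<VirtualHost *:443>
    ServerName myservice.myorg.edu

    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/myservice.pem
    SSLCertificateKeyFile /etc/ssl/private/myservice.key

    # Stand-in for the existing SP configuration (assumed to be mod_shib).
    <Location /login/shib-sso/shibboleth>
        AuthType shibboleth
        ShibRequestSetting requireSession 1
        Require valid-user
    </Location>
</VirtualHost>
```

Running apachectl -S lists which virtual host is the default for port 443. A request to the server's literal IP address for /login/shib-sso/shibboleth should then return 404 without any redirect to the IdP.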