DNS rebinding is usually turned off at the CPE
90% of residential CPEs out there run some variety of dnsmasq which has rebind protection enabled in their default settings.
This will not affect Joe Average User. Joe Uber Geek who runs his own DNS and is doing clever stuff with it inside his network - yes. Corporate networks - probably yes. Average user at standard CPE settings - do not think so.
Blizzard solution while bizzare and executed in an inept way is in the right direction. The only "right" way of doing this is to have each command and each payload authenticated. Best of all cryptographically - signed by a certificate Blizzard owns.