Is there a way to block malformed URLs, eg someone trying to access “.html”, “.php” and/or various other garbage, or certain routes that I know are not there etc. Eg in cloudflare this is a simple addition of a firewall route.
Is there a way to achieve the same on Netlify?
At the moment, there’s no easy way to do this. You can try something with Netlify Functions, but would have to route every URL to that function and it would soon get difficult to manage.
This might get possible to achieve with Edge Handlers or some other solution if/when they make it to the public release.