You can use WAF on Azure Application Gateway or Azure Front Door to block or log requests from known malicious IP addresses. The bot protection rule set is part of the managed rules and can be enabled to protect against known bad bots. You can use the WAF to create custom rules that block or rate limit requests to those paths.