It sounds like you want to make sure a file is never served from your Render service, is that correct? If you’re using a static site, we will serve all files that you put in your publish directory (see our docs at Free Static Site Hosting | Render). You can customize this a bit with redirects and rewrites (URL Redirects and Rewrites | Render), but I think it’s better to just never publish those files.
If your build step is currently generating those files, you may be able to edit your build script to delete all of the .eot, .wof, .woff2, and .ttf files before finishing.
No, that’s not what I wanted. The script above is from the LAMP-Stack-World and prevents every request from downloading the webfonts except requests from (in this case) example.com.
So I want my webfonts only to be used by the website itself. This is the common way to protect self-hosted webfonts.