Hello John Stewart,
Thank you for using our services.
This behavior is coming from the fact that Sitefinity pages have permission inheritance. This means that all pages inherit permission settings for all roles from their parents. This lets you view the page if you belong to a role that is denied view access to a page if the parent page has view permissions.
However you can break inheritance for pages. This will affect all permissions for all roles. By breaking permission inheritance you will be able to totally restrict a certain page. Then if the restricted types in the URL, then he/she will get an error message. Take a look at the attached image to see how to break inheritance for pages.
All the best,
the Telerik team