Feedburner feed header causing 403 error

Home Forums BulletProof Security Free Feedburner feed header causing 403 error

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
  • #455

    I’ve just returned to using Feedburner after trying Jetpack’s subscription system and the article title in the emailed feed – Four agreements & panda diplomacy neuters US President’s visit to Thailand – returns a 403 Permission denied error when clicked.

    The link followed is:


    It does not occur if bulletproof mode for website root folder .htaccess is not activated. I had read somewhere that changing:

    RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)||%3c|%3e|%5b|%5d).* [NC,OR]


    RewriteCond %{QUERY_STRING} ^.*(\[|\]||%3c|%3e|%5b|%5d).* [NC,OR]

    should fix the problem, but it has not. Any suggestions would be gratefully received.

    AITpro Admin

    The Query string has a single quote character in it and that is why it is generating a 403 error

    photo-journ%27s = photo-journ’s

    You can either remove the singe quote character from the feed post or you can modify these security filters in your root .htaccess file to allow the single quote character.

    You would remove %27 from these security filters below and also remove the single quote coding character in the QUERY_STRING filter.

    RewriteCond %{HTTP_USER_AGENT} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{HTTP_REFERER} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]

    Thanks very much. Removing the apostrophe in the feed fixed the problem.

    AITpro Admin

    Great!  Thanks for confirming this.  

    It is a shame that the Apostrophe is the most dangerous coding character – the single quote.  When used in the right hands the single quote coding character is completely harmless.  When used in the wrong hands the single quote coding character becomes very, very dangerous.  You will notice that by default WordPress strips the single quote coding character out of URL/Permalink slugs as well as all of the other coding characters that are considered unsafe to use.  😉


    THANK YOU!  it worked.  of course wouldn’t you know it, constant contact (spam blasters!) would be using bad apostrophes.  thanks again, ya’ll are on it!!

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.