If your RSS feed is hosted on a site protected by Cloudflare, dlvr.it's Feed Fetcher may be getting blocked. When this happens, you'll see a 403 Forbidden error when dlvr.it tries to fetch your feed.
β
The fix is straightforward β you'll create a custom rule in Cloudflare that tells it to allow dlvr.it through.
Option 1: Create a custom rule in the Cloudflare dashboard
This is the easiest method if you're comfortable working in the Cloudflare interface.
Log into your Cloudflare account.
Select the domain you want to update from your dashboard.
πΈ [Screenshot: Cloudflare dashboard showing the domain selection screen with a domain highlighted]
In the left sidebar, click Security, then click Security Rules.
πΈ [Screenshot: Cloudflare left sidebar with Security expanded and Security Rules highlighted]
Click New Rule and choose Custom Rule.
πΈ [Screenshot: Security Rules page with the New Rule button highlighted and Custom Rule option visible in the dropdown]
Give your rule a name β something like
Allow dlvr.it feed fetcherworks well.Set up the rule conditions as follows:
Field:
User AgentOperator:
starts withValue:
dlvr.it/1.0
πΈ [Screenshot: Custom Rule editor showing the Field set to "User Agent", Operator set to "starts with", and Value set to "dlvr.it/1.0"]
Under Then take action... select Skip.
Under WAF components to skip, check all of the boxes.
Click More components to skip and check all of the newly displayed boxes as well.
πΈ [Screenshot: Custom Rule editor showing the Skip action selected with all WAF component checkboxes ticked, including the expanded "More components to skip" section]
Click Deploy to save and activate the rule.
πΈ [Screenshot: Custom Rule editor with the Deploy button highlighted]
Once deployed, dlvr.it's Feed Fetcher will be able to access your RSS feeds without being blocked.
Option 2: Create a custom rule via the Cloudflare API
If you prefer to work with the API, you can create the same rule programmatically. Your API token must have at least Zone WAF β Edit permission to do this.
Replace <your cloudflare API token> and <zone ID for the domain you wish to update> with your own values, then run the following:
CF_AUTH_TOKEN="<your cloudflare API token>" CF_ZONE_ID="<zone ID for the domain you wish to update>" curl -X PUT \ "https://api.cloudflare.com/client/v4/zones/${CF_ZONE_ID}/rulesets/phases/http_request_firewall_custom/entrypoint" \ -H "Authorization: Bearer $CF_AUTH_TOKEN" \ -d '{ "rules": [ { "description": "Allow dlvr.it/1.0 User-Agent", "expression": "(starts_with(http.user_agent, \"dlvr.it/1.0\"))", "action": "skip", "action_parameters": { "phases": [ "http_request_firewall_managed", "http_ratelimit", "http_request_sbfm" ], "ruleset": "current", "products": [ "zoneLockdown", "uaBlock", "bic", "hot", "securityLevel", "rateLimit", "waf" ] } } ] }'For more detail on creating custom rules via the API, see Cloudflare's documentation.
Not sure where to find your Zone ID? You can find it on the Overview page for your domain in the Cloudflare dashboard, in the right-hand sidebar under API.
Still seeing a 403 error after setting up the rule? Reach out to our support team and we'll help you troubleshoot.