Skip to main content

Cloudflare: Allow dlvr.it to access your RSS feeds

Getting a 403 Forbidden error when dlvr.it pulls your RSS feed? Using Cloudflare? Your firewall may be blocking dlvr.it from fetching your RSS feeds. This guide shows you how to create a simple Cloudflare rule that allows dlvr.it access.

If your RSS feed is hosted on a site protected by Cloudflare, dlvr.it's Feed Fetcher may be getting blocked. When this happens, you'll see a 403 Forbidden error when dlvr.it tries to fetch your feed.

The fix is straightforward — you'll create a custom rule in Cloudflare that tells it to allow dlvr.it through.

Option 1: Create a custom rule in the Cloudflare dashboard

This is the easiest method if you're comfortable working in the Cloudflare interface.

  1. Log into your Cloudflare account.

  2. Select the domain you want to update from your dashboard.

  3. In the left sidebar, click Security, then click Security Rules.

  4. Click New Rule and choose Custom Rule.

  5. Give your rule a name — something like Allow dlvr.it feed fetcher works well.

  6. Set up the rule conditions as follows:

    • Field: User Agent

    • Operator: starts with

    • Value: dlvr.it/1.0

  7. Under Then take action... select Skip.

  8. Under WAF components to skip, check all of the boxes.

  9. Click More components to skip and check all of the newly displayed boxes as well.

  10. Click Deploy to save and activate the rule.

Option 2: Create a custom rule via the Cloudflare API

If you prefer to work with the Cloudflare API, you can create the same rule programmatically.

Your API token must have at least Zone WAF — Edit permission to do this.

Replace <your cloudflare API token> and <zone ID for the domain you wish to update> with your own values, then run the following:

CF_AUTH_TOKEN="<your cloudflare API token>"
CF_ZONE_ID="<zone ID for the domain you wish to update>"
curl -X PUT \
    "https://api.cloudflare.com/client/v4/zones/${CF_ZONE_ID}/rulesets/phases/http_request_firewall_custom/entrypoint" \
    -H "Authorization: Bearer $CF_AUTH_TOKEN" \
    -d '{
   "rules": [
       {
           "description": "Allow dlvr.it/1.0 User-Agent",
           "expression": "(starts_with(http.user_agent, \"dlvr.it/1.0\"))",
           "action": "skip",
           "action_parameters": {
               "phases": [
                   "http_request_firewall_managed",
                   "http_ratelimit",
                   "http_request_sbfm"
               ],
               "ruleset": "current",
               "products": [
                   "zoneLockdown",
                   "uaBlock",
                   "bic",
                   "hot",
                   "securityLevel",
                   "rateLimit",
                   "waf"
               ]
           }
       }
   ]
}'


For more detail on creating custom rules via the API, see Cloudflare's documentation.

Not sure where to find your Zone ID? You can find it on the Overview page for your domain in the Cloudflare dashboard, in the right-hand sidebar under API.

Still seeing a 403 error after setting up the rule? Reach out to our support team and we'll help you troubleshoot.

Attachment icon
cloudflare1
Related Articles
How dlvr.it identifies itself and how to control feed access
My RSS feed works in a browser but times out in dlvr.it
Did this answer your question?