I am unable to use "url" as a value of get variable.
For example:
mysite.com/hits.php?url=http://www.outboundlink.com

My server returns a 403 Forbidden error.

But it works fine if I encode the url (php urlencode() function)
Why does my server outputs the error. Does having plain url in get variable will have any security implications?

Also when I encode the url, IE displays it correctly in the status bar but not Firefox.

mysite.com/hits.php?url=http://www.outboundlink.com

if your site allows this for any link ppl can get links from ur site

example.. mysite.com/hits.php?url=http://www.mydomain.com

see what i mean?, but i dont know if thats the problem or not..