@Austin Ginder: WPEngine is managed hosting with higher attention to anti-malware security than most hosts. You could have words (partial words) in some URLs that trigger their security system to block the URL. This would be a 403 error but before it ever gets to your account.
Sucuri and iThemes Security and related security plugins might also block some URLs, for the same reasons. Learn how to make exceptions for their security rules, or disable the specific rule.
I first ran into these problems with SiteGround blocking bad User-Agents, such as semalt, archive.org, Baiduspider, MJ12bot (all triggering 403 Forbidden errors); if I remember right I was writing a post comparing zip/tar/7zip etc archive formats and "-archive" was blocked in the URL. Then I had my .htaccess script blocking words like "update" (a SQL command hackers use) and had to make an exception for WordPress URLs such as /wp-admin/network/site-new.php?update=added or /wp-admin/network/update-core.php and the list goes on...
