diff --git a/b3lb/rest/classes/api.py b/b3lb/rest/classes/api.py
index 9f01705..a558f16 100644
--- a/b3lb/rest/classes/api.py
+++ b/b3lb/rest/classes/api.py
@@ -335,7 +335,7 @@ def allowed_methods(self) -> List[Literal["GET", "POST", "DELETE", "PATCH", "PUT
 
     def filter_recordings(self, meeting_id: str = "", recording_id: str = "") -> QuerySet[Record]:
         if self.state and self.state not in ["unpublished", "published"]:
-            return QuerySet(model=Record)  # return empty QuerySet if state isn't in allowed states
+            return Record.objects.none()  # return empty QuerySet if state isn't in allowed states
 
         query = Q(record_set__secret=self.secret)
 
@@ -344,14 +344,12 @@ def filter_recordings(self, meeting_id: str = "", recording_id: str = "") -> Que
                 UUID(recording_id)
                 query &= Q(uuid=recording_id)
             except ValueError:
-                return QuerySet(model=Record)  # return empty QuerySet for BadRequest
+                return Record.objects.none()  # return empty QuerySet for BadRequest
 
-        if meeting_id:
-            try:
-                UUID(meeting_id)
-                query %= Q(record_set__meta_meeting_id=meeting_id)
-            except ValueError:
-                return QuerySet(model=Record)  # return empty QuerySet for BadRequest
+        if meeting_id and 2 <= len(self.meeting_id) <= cst.MEETING_ID_LENGTH:
+            query &= Q(record_set__meta_meeting_id=meeting_id)
+        elif meeting_id:
+            return Record.objects.none()  # return empty QuerySet for BadRequest
 
         if self.state == "published":
             query &= Q(published=True)