diff --git a/pages/api/search.ts b/pages/api/search.ts
index d140f6c..1762264 100644
--- a/pages/api/search.ts
+++ b/pages/api/search.ts
@@ -9,10 +9,19 @@ import siteConfig from '../../config/site.config'
 * Sanitize the search query
 *
 * @param query User search query, which may contain special characters
- * @returns Sanitised query string which replaces non-alphanumeric characters with ' '
+ * @returns Sanitised query string, which:
+ * - encodes the '<' and '>' characters,
+ * - replaces '?' and '/' characters with ' ',
+ * - replaces ''' with ''''
+ * Reference: https://stackoverflow.com/questions/41491222/single-quote-escaping-in-microsoft-graph.
 */
 function sanitiseQuery(query: string): string {
- const sanitisedQuery = query.replace(/[^a-zA-Z0-9]/g, ' ')
+ const sanitisedQuery = query
+ .replace(/'/g, "''")
+ .replace('<', ' < ')
+ .replace('>', ' > ')
+ .replace('?', ' ')
+ .replace('/', ' ')
 return encodeURIComponent(sanitisedQuery)
 }
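Review bot: In `sanitiseQuery`, the new `.replace('<', …)`, `.replace('>', …)`, `.replace('?', ' ')` and `.replace('/', ' ')` calls pass a string pattern, which in JavaScript replaces only the first occurrence, so a query with a second `?`, `/`, `<` or `>` keeps it; only the single-quote rule uses a `/g` regex. Use global patterns with the same replacement values, e.g. `.replace(/</g, …)`, `.replace(/>/g, …)` and `.replace(/[?/]/g, ' ')`. The change also moves from an allow-list (every non-alphanumeric character became a space) to a short deny-list, so every other character now reaches the query with only `encodeURIComponent` applied; the docblock should state which downstream syntax each rule protects so the list can be audited. As rendered on this page the `<`/`>` replacements look like the same character padded with spaces, which would not match the "encodes" wording in the docblock; this may be an HTML entity lost in rendering, so confirm against the file.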