Taking care of security on your website is one of the most important aspects of being a site owner. You might understand the importance of having HTTPS in your URL prefix, or why you need an SSL certificate. But do you know what the noopener noreferrer HTML tag attributes mean, and when you should use them?
In this article, weβll go over what rel=βnoopener noreferrerβ means, when it should be used, and how it affects your site from an SEO perspective. Letβs jump right into it.
What is rel=βnoopener noreferrerβ?
The rel=βnoopener noreferrerβ HTML attributes appear in external hyperlinks. Specifically, using both the noopener and noreferrer attributes prevents:
- the linkβs target loading in the same tab where the link was clicked
- the backlink from appearing as referral traffic in the destination siteβs analytics
This is what the tag attributes look like in action:
<a href="https://www.google.com/" target="_blank" rel="noopener noreferrer">
WordPress automatically adds these attributes to external links that you set to open in a new window. Letβs break them down and look at what each attribute does.
noopener
If you want to prevent an external link from taking control of your userβs originating browser window, youβll want to add a noopener attribute. According to MDN,
β[noopener] instructs the browser to navigate to the target resource without granting the new browsing context access to the document that opened it. [β¦] This is especially useful when opening untrusted links, in order to ensure they cannot tamper with the originating documentβ¦β
In short, noopener is largely a security measure to prevent malicious links from gaining access to a userβs browser (a phishing attack known as tabnabbing). In the past, leaving target=β_blankβ alone in your link opened up this security vulnerability. Now, whenever you have an external link set to open in a new browser window using target=β_blankβ, most search engines and SEO experts consider it best practice to use noopener alongside it.
(According to Mozilla Developer Network (MDN), the target=β_blankβ attribute βnow implicitly provides the same <rel> behaviorβ as noopener. We feel that itβs still worth being doubly safe and including noopener since not all users click links in the most up-to-date and secure browsers.)
noreferrer
Essentially, noreferrer keeps external sites from knowing that you have included links to their material on your website. This could be important to you for privacy or security reasons. All in all, this particular attribute is one youβd want to think through before applying it to your links. Using it really depends on your preferences.
The noreferrer attribute masks your referral links in destination analytics. It protects your siteβs information from being transferred to the website your users are navigating to. As a result, this causes the links to appear as Direct traffic in Google Analytics, rather than Referral traffic from your specific domain.
If someone navigates to your website using a link that does not include noreferrer, then youβll be able to see their website listed in your Referral traffic link on your Analytics dashboard. But if the link includes noreferrer, it will appear in Direct traffic. You can find these listings in Google Analytics under Acquisition > All Traffic > Channels and Acquisition > All Traffic > Referrals.
It will still pass βlink juiceβ for SEO, but not data regarding the originator. If youβre not interested in passing on that SEO boost, nofollow is going to be an additional tag you want to add.
Using with rel=βnofollowβ
Adding the nofollow attribute to a link that includes rel=βnoopener noreferrerβ allows you to link to other websites without appearing to approve their content or perspective. Google says this attribute should be used βfor cases where you want to link to a page but donβt want to imply any type of endorsement, including passing along ranking credit to another page.β
Basically, nofollow tells Google that you donβt want it to perceive you as supporting a particular site just because you link to it. There are a number of similar link attributes that help Google understand the intent behind a link, including attributes for labeling sponsored and user-generated content (many of which can be added via Schema markup).
In short, adding all three attributes β noopener, noreferrer, and nofollow β to a link tells Google that you are:
- Willing to protect your site users from potentially malicious external links (noopener)
- Unwilling to appear in a websiteβs analytics data as Referred traffic (noreferrer)
- Unwilling to endorse the content or creator youβre linking to (nofollow)
The nofollow attribute seems fairly specific, so you probably only want to use that on a case-by-case basis and not as a general rule. Many blogs set their comments sections to nofollow to avoid comment spam from bots and people who donβt contribute to the conversation.
When to Use βnoopener noreferrerβ
You want your website to be as secure as possible for your visitors. Because you want to build and leverage a strong backlink strategy, you wonβt use rel=βnoopener noreferrerβ all the time. For example, you should avoid using it when linking to internal pages within your site.
Using rel=βnoopener noreferrerβ tells Google that you care about link security. And you donβt want certain sites to recognize your site as a referral.
Overall Impact of βnoopener noreferrerβ on SEO
When you use the rel=βnoopener noreferrerβ attributes in your external links, this shouldnβt have a direct negative effect on your SEO backlink strategy. Neither attribute will cause your technical SEO ranking to take a hit. In fact, using noopener alongside target=β_blankβ will provide better on-page SEO because users will remain on your site, even as they navigate to another.
However, noreferrer will keep Google from being able to recognize when youβre linking to othersβ sites. And, other website owners wonβt be able to see when youβre linking to them.
That means youβre cutting out the possibility of reciprocal links. After all, if youβre not giving site owners the option to see your referral traffic when they go over their analytics, they canβt know itβs from you.
Backlinks to your website from elsewhere arenβt guaranteed. Still, it doesnβt hurt to do as much as you can to connect with sites and content you love. Generally speaking, though, using rel=βnoopener noreferrerβ in your external links wonβt cause any harm. Just make sure not to use them on your own website pages when you use internal links. Doing so could cause problems in your own site analytics and with Googlebot crawling and indexing your site structure.
Conclusion
Now that you know how to use rel=βnoopener noreferrerβ on your website, itβs time to plan accordingly. If you need to, consider creating a spreadsheet of the external links you include on your site. Also, track the page theyβre on and the attributes youβve applied to them. Doing so can be helpful for quick reference in case you need to make future changes.
Do you use rel=βnoopener noreferrerβ in your hyperlinks? Why or why not? Drop us a comment and let us know what you think.
Featured image via Sammby / shutterstock.com
hello, thank you a ton for this piece.
Can you please show us a way to stop the link rel”noreferrer” from being applied to a WordPress site using the Gutenberg editor.
I have toiled the web without finding a solution. Worst-case-scenario, when you remove the tag from WordPress, it will still attach it back on the live web page.
Please don’t disregard. I really need a fix for this.
Would you mind adding an option in this post that provides solution? Thank you so much in advance
Hi Hayley, thank you for the detailed analysis of these tags. Most of the websites use this a lot in their redirects and links. I, on the other hand, have used noopener in my social links in the footer section. As i run a coupon website, should i also use noopener and noreferrer in my coupon listing as well where i’m redirecting user to an e-commerce website to complete the transaction/purchase?