SEO glossary: rel="noopener noreferrer"

Short & sweet: What is rel noopener noreferrer?

Rel noopener and rel noreferrer are two link attributes. A rel attribute can be used for external links to provide information about the relationship (rel) between the source page and the linked page. The "noopener" attribute increases the security of links, while the "noreferrer" attribute hides the origin of a link.

 

Both attributes can be combined to rel noopener noreferrer.

 

rel attribute Noopener: Close JavaScript security vulnerability

The rel attribute Noopener is used to close a security gap in JavaScript. To understand how this works, we will first explain how to call up a page via a link:

 

  • Users visit a website A and read a text on one of the subpages. They find a link in the text to further content on another website B and click on it.
  • The operator of website A wants to offer added value to the users by linking the content of website B and therefore sets the link, but he does not want to lose his users. Therefore, he uses the following command for the link: target="_blank".
  • This command tells the browser to open the link to the linked website B in a new browser tab. The advantage for the operator of website A here is that his page still remains open in the previous tab and users are more likely to return to his website.
  • However, when opening the second tab, a security hole opens up. This is because the browsers work with the following JavaScript property or command: [window.opener]. Unfortunately, this JavaScript property is a gateway for hackers.
  • The hackers could use the simple command [window.open.location] and a false URL to redirect users to the wrong websites. The hackers could also gain access to the source code of website A and manipulate it, which could render the website inoperable.

 

This lack of security problem occurs with external links where the target="_blank" command is used to open a linked page in a new browser tab. For an external link that is opened in the same browser tab as the tab of website A, this security deficit does not occur.

 

Consequently, all website owners and SEO experts who equip the anchor tags of external links with the command target="_blank" are called upon to use the rel noopener attribute. Here is an example of how to set the rel noopener attribute in the HTML language:

 

<a href="https://www.timospecht.de/" target="_blank" rel="noopener">

 

rel noopener not only increases the security of your own website, but also protects your own website visitors from damage caused by hacker attacks via [window.open.location] and incorrect URLs. It is one of the most important security aspects when setting external links in link building.

 

For all internal links and especially for those external links where the linked page does not open in a new browser tab, rel noopener does not have to be used.

 

For existing websites that have external links with the command target="_blank", but without the rel noopener attribute, an adjustment is required: all external links must subsequently be equipped with rel noopener. Doing this for all links usually involves an enormous amount of work.

 

Plugins have been developed for some content management systems (CMS), such as the WordPress system, which can be used to add HTML attributes such as rel noopener. One example of such a plugin for WordPress is the "Add Target Fixer" plugin.

 

In a free SEO strategy talk, we uncover untapped potential and develop a strategy to help you become more successful on Google. 

 

Anchor tags with rel attribute noreferrer: Disguise the origin of the link

Normally, website B, which receives a link from website A, can check the origin of the link - I mean:

 

The operator of website B is informed from where the users find their website. However, if the operator of website A sets the rel noreferrer attribute in the tag for the link to website B, the operator of the other website can no longer see the origin of the link; instead of a URL of website A, for example, Google Analytics displays the note "(direct) / (none)".

 

The rel noreferrer attribute is to be used when operators of linked websites should not know from which website they are linked to. There is no known case where you should hide the origin of the link from website operators, but rel noreferrer was introduced just in case. How to use rel noreferrer correctly:

 

<a href=“https://www.timospecht.de/“ target=“_blank“ rel=“noreferrer“>

 

For the majority of external links, the use of the rel noreferrer attribute is even undesirable. Especially in affiliate marketing, where website operators set affiliate links to other websites and receive a commission if new customers are successfully marketed, the use of the rel noreferrer attribute is completely pointless.

 

Affiliate partners need to know where their customers come from in order to be able to allocate commission payments correctly.

 

I am known from big media such as Stern, GoDaddy, Onpulson & breakfast television and have already worked with over 100+ well-known clients successful on Google. 

Google rating

Based on 185 reviews

Trustpilot rating

Based on 100 reviews

 

Combination of different HTML attributes: noopener, noreferrer, nofollow and others

It is permitted to combine different attributes with each other. Although some SEO agencies and SEO experts combine the attributes rel noopener and rel noreferrer and use noreferrer as rel noopener in the anchor tag, this combination is usually pointless. The reason for this is simple:

 

Because there is no meaningful purpose for rel noreferrer, there is also no purpose for the combination rel noopener noreferrer.

 

It is different with the attribute combination of noreferrer and nofollow. Combining these two attributes is recommended when the external link should be opened in a new tab of the browser and when the linked web page should not be visited by the crawlers. The latter - preventing crawling - is in fact the effect of using the nofollow attribute.

 

Conclusion: What is rel noopener noreferrer?

The HTML attribute rel noopener noreferrer rarely makes sense because there is no known meaningful use for the noreferrer attribute. The situation is different with the rel noopener attribute alone: this is extremely useful as it eliminates a security gap in JavaScript and increases both security for users and security for website operators.

 

The rel noopener attribute should only be used for outgoing links that open in a new browser tab. A combination of the HTML attribute rel noopener with the attribute rel nofollow is possible and recommended in some cases.

 

Register now and receive regular tips from the experts. 

 

Table of contents:

Table of Contents

Share the post

SEO Glossary

More glossary articles

Further contributions

Interesting blog articles

Specht GmbH: Your SEO & SEA specialists

Secure your free strategy meeting now