What Is rel=”noopener” in WordPress? (Explained)

We once helped a user whose visitors were redirected to unsafe websites after clicking normal external links. The culprit was a tiny missing snippet of code that created a security risk.

It is completely normal to feel curious or even a bit confused when you see technical jargon like rel="noopener" in your editor. You might wonder what it does and if your website needs it.

Luckily, you don’t need to be a developer to keep your site safe. Our team at WPBeginner has secured thousands of websites, and we know exactly how to handle these background settings.

Let’s look at what this small text attribute actually does and how it protects your readers. Don’t worry, adding rel="noopener" is completely invisible to your website visitors. It does not change the color of your links or how fast the new tab opens. It only works in the background.

What Is rel=”noopener” in WordPress?

When you add links to your WordPress website, you can use HTML attributes to control what happens when you click the link.

For example, when you create a link, there is a toggle switch that allows you to open it in a new tab.

Notice that an HTML attribute has been added to the link: rel="noopener". This attribute is added to address a security vulnerability.

<a href="http://example.com" target="_blank" rel="noopener">external link</a>

When you use target="_blank" to make a link open in a new tab, there’s something potentially unexpected that happens behind the scenes by default. The new tab actually gets a kind of connection back to the original tab you were just on.

This connection is made through something in web browsers called window.opener. The page in the new tab can access and even control certain properties of the original tab, like changing the page’s address (window.opener.location).

This creates a security vulnerability known as ‘Reverse Tabnabbing’.

Imagine you click a link on a trusted website, and it opens a malicious page in a new tab. Because of this window.opener connection, that malicious page could potentially change the original trusted page you were just viewing into a fake login page (a phishing scam), tricking you when you switch back to the original tab.

The noopener link attribute is designed to prevent this specific security risk.

When you add rel="noopener" to a link that opens in a new tab, you tell the browser not to create that window.opener connection between the two tabs. This protects your users from scams and phishing attempts.

How Does rel=”noopener” Affect Your WordPress SEO?

It doesn’t.

Even though the rel="noopener" attribute improves your WordPress site’s security, some users avoid using it because they think it will impact their WordPress SEO.

But that’s just a myth.

It has no impact on your site’s SEO rankings or your overall WordPress performance.

What’s the Difference Between “noopener” and “nofollow”?

It’s easy to confuse rel="noopener" with rel="nofollow". However, they are completely separate attributes.

The noopener attribute prevents your website from cross-site hacking and improves WordPress security.

On the other hand, the nofollow attribute prevents your website from passing on SEO link juice to the linked website.

Search engines look for and consider the nofollow attribute when following a link on your website. However, they do not give any consideration to the noopener tag.

The nofollow attribute tells search engines not to pass any SEO authority to the website you’re linking to. While the WordPress block editor has a built-in toggle to add nofollow to a link, a plugin is often needed for more advanced control.

For example, you might want to automatically apply the nofollow tag to all external links on your site, which is where an SEO plugin becomes essential.

To learn more, see our article on how to add title and nofollow to links in WordPress.

Does rel=”noreferrer” Affect Affiliate Links in WordPress?

In older versions of WordPress, a rel="noreferrer" tag was also automatically added to links. While most affiliate programs use URL parameters (meaning they weren’t affected), the noreferrer tag did occasionally hide tracking data from affiliate dashboards and analytics tools.

Because of this, WordPress removed the noreferrer tag in version 5.3.1. You no longer need to worry about it affecting your affiliate links.

Secondly, most affiliate marketers use a link-cloaking plugin for their affiliate links.

With link cloaking, the affiliate link that your users click on is actually your website’s own URL, which then redirects users to the destination URL.

How Do You Disable rel=”noopener” in WordPress?

There is no need to remove rel="noopener" from links on your website. It is good for your website’s security and has no performance or SEO impact on your website.

If you absolutely must remove it, then you will have to disable the Gutenberg block editor in WordPress and use the classic editor.

That’s because if you remove rel="noopener" from the link manually, then the block editor will automatically add it back in to keep your website safe.

Once the block editor is disabled, you will need to add a code snippet to your theme’s functions.php file or to the WPCode plugin (recommended). You can learn how to use the WPCode Free Plugin in our guide on how to easily add custom code in WordPress.

Simply copy the following code into a new PHP snippet:

add_filter('tiny_mce_before_init','wpb_disable_noopener');
function wpb_disable_noopener( $mceInit ) {
    $mceInit['allow_unsafe_link_target']=true;
    return $mceInit;
}

Make sure you turn the ‘Active’ toggle on and then click the ‘Save Snippet’ button.

This will stop WordPress from adding rel="noopener" to new links. You will also need to manually edit any old links to remove the attribute.

For even more control over the attributes on your links without touching any HTML code, we recommend using the All in One SEO (AIOSEO) plugin.

While WordPress handles security automatically, AIOSEO lets you easily add SEO attributes like nofollow or sponsored right inside the block editor’s link popup, helping you manage your external links for SEO best practices.

Frequently Asked Questions About rel=”noopener”

Here are answers to some of the most common questions we get about the “noopener” attribute in WordPress.

1. What is the main purpose of using rel=”noopener”?

The main purpose of rel="noopener" is security. It prevents a new tab from being able to control the original tab that opened it, which protects your visitors from malicious phishing scams.

2. Is rel=”noopener” good for SEO?

The rel="noopener" attribute has no direct impact, either positive or negative, on your website’s SEO. Its function is purely for security, and search engines do not use it as a ranking factor.

3. Should I remove rel=”noopener” from my links?

No, there is no good reason to remove rel="noopener". It provides an important security benefit with no negative side effects on SEO or site performance, so it is best to leave it in place.

4. Does WordPress add rel=”noopener” automatically?

Yes, WordPress automatically adds rel="noopener" to links set to open in a new tab. This important security feature was first introduced in WordPress 4.7.4 and is a standard part of the modern block editor.

Additional Resources on Using Links in WordPress

We hope this article helped you learn about rel="noopener" in WordPress. You may also want to see some other guides on using links in WordPress:

• Beginner’s Guide on How to Add a Link in WordPress
• How to Open External Links in a New Window or Tab with WordPress
• How to Add Nofollow Links in WordPress (Simple Guide for Beginners)
• How to Add Title and NoFollow to Insert Link Popup in WordPress
• How to Nofollow All External Links in WordPress
• How to Track Link Clicks and Button Clicks in WordPress (Easy Way)
• How to Track Outbound Links in WordPress
• How to Change the Link Color in WordPress (Beginner’s Guide)
• Internal Linking for SEO: The Ultimate Guide of Best Practices
• How to Preload Links in WordPress for Faster Loading Speeds
• How to Find and Fix Broken Links in WordPress (Step by Step)
• Best Internal Linking Plugins for WordPress (Automatic + Manual)

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.