Links are the lifeblood of the web. As a site owner, you likely add links constantly to provide value for your readers.
But have you noticed that WordPress automatically adds some extra code when you link to external sites?
Specifically, external links opening in new tabs include rel="noopener":
<a href="http://example.com" target="_blank" rel="noopener">Example Link</a> This isn‘t accidental. The rel="noopener" attribute serves an important security purpose.
In this in-depth guide, I‘ll explain exactly what rel="noopener" does, why WordPress adds it, and how you can use it for optimal security and SEO.
Contents
How the Window.Opener Vulnerability Works
To understand rel="noopener", you first need to grasp how external links can pose a security risk to your site.
The issue lies in a JavaScript feature called window.opener. When you open a link in a new tab, the new tab has access to the window.opener property pointing back to the original page that linked to it.
This allows the new tab to manipulate the page that created it.
Attackers can exploit this behavior to run malicious code if you open an external link. For example:
- Your site links to an malicious external site
- The malicious site inserts JavaScript to access
window.opener - This allows it to steal data or insert malware on your original page
Below is a simplified code example of how an attack site could leverage window.opener:
// Malicious external site
var attackingWindow = window.opener;
attackingWindow.document.body.innerHTML = ‘You have been hacked!‘; This vulnerability allows the malicious page to directly edit the page that linked to it. Not good!
Rel="noopener" to the Rescue
The rel="noopener" attribute prevents this attack vector by limiting access to the window.opener property.
With rel="noopener" added, the newly opened tab cannot interact with the original page at all. This keeps your site safe.
WordPress began automatically adding rel="noopener" a few years ago to protect users from potential cross-site attacks. There‘s no need to manually add this attribute – WordPress handles it for you.
Common Myths and Questions About Rel="noopener"
Now that you know what rel="noopener" does, let‘s clear up some common misconceptions.
Does rel="noopener" hurt my site‘s SEO?
No! Many site owners wrongly assume that because rel="noopener" limits JS connectivity between pages, it may also impact SEO.
But this is completely false. Search engines do not use the rel="noopener" attribute for crawling, indexing, or page rank purposes. There is zero SEO impact.
What‘s the difference between rel="noopener" and rel="nofollow"?
This is another big source of confusion. But the two attributes are completely unrelated:
| rel="noopener" | rel="nofollow" |
|---|---|
| Security attribute | Controls SEO |
| Prevents tab manipulation | Prevents passing SEO juice |
| Added automatically in WordPress | Must be manually added |
When should rel="noopener" be removed?
Generally there‘s no good reason to remove this security feature. However, some sites report issues with embedded YouTube videos adding crazy long chains of noopener attributes.
Others simply may not want the added code for performance reasons. We‘ll cover how to safely disable it next.
How to Remove Rel="noopener" in WordPress
If you need to remove rel="noopener" from your site, here are two options:
Option 1: Disable the Block Editor
The block editor auto-adds rel="noopener", so disabling it will stop this behavior.
To do this:
- Install and activate the Classic Editor plugin
- Go to Settings > Writing
- Check the box for "Classic Editor"
Now when you manually add links, they will not include rel="noopener".
Option 2: Use a Code Snippet
Adding this snippet functions the same as disabling the block editor:
add_filter(‘tiny_mce_before_init‘,‘disable_noopener‘);
function disable_noopener( $mceInit ) {
$mceInit[‘allow_unsafe_link_target‘]=true;
return $mceInit;
}Save this code in your theme‘s functions.php file or a plugin like Code Snippets.
Be aware that completely removing noopener opens potential security holes. Make sure you thoroughly test site functionality if you go this route.
Expert Tips for Managing Links in WordPress
With 15+ years as a WordPress professional, I‘ve compiled some powerful tips for boosting your link game:
Selectively Use nofollow
Rather than nofollow all external links, do it selectively to preserve SEO juice for helpful resources. I suggest nofollowing:
- Paid links
- Affiliate links
- Partner links
- Untrusted sites
Utilize Link Targeting Plugins
Tools like AIOSEO and SEOPress give you granular control over link attributes right inside the editor.
You can disable noopener for specific links only rather than site-wide.
Check Links Regularly
Nothing hurts credibility like dead links. Install a broken link checker like Broken Link Checker to maintain quality.
Prioritize Internal Links
Focus first on linking related content together. Create a hub and spoke internal linking structure centered around pillars and silos.
Use Link Redirects and URL Shorteners
Tools like Pretty Links let you create cleaner URLs for sharing or internal navigation.
Always Test Links
Click every single link you add to validate it works correctly. Don‘t just visually check anchor text – test the actual destination.
Mind the Link Juice Budget
Be thoughtful about balancing external links versus internal. Too many outbound links leak "link juice" and dilute your internal pages.
Boost Site Speed by Optimizing Link Performance
Adding too many links without optimizing their performance can actually slow down your pages. Here are some quick tips to improve speed:
- Set linking plugins like Pretty Links to nofollow all redirects
- Preload important external links using
<link rel="preload"> - Preconnect resource-heavy destinations like YouTube
- Lazy load non-critical links below the fold
- Limit the number of links per page when possible
With just a few tweaks, you can create a clean linking structure optimized for both visitors and search engines.
Supercharge Your WordPress Link Strategy
Links remain one of the most important elements for SEO and usability. I hope this detailed guide provides invaluable context around how WordPress handles links.
Please feel free to reach out if you have any other questions! I‘m always happy to help fellow site owners master their link strategies.
