What Is Noreferrer? Web Security, Privacy, and SEO Implications
What in the name of website development is a noreferrer?
To catch you up to speed, here’s what’s in store for you
- a straight-to-the-point answer to the question, “What is noreferrer,”
- a look at why noreferrer matters more than you might think,
- and insight into practical tips and tricks for the savvy webmaster.
What Is Noreferrer?
Noreferrer (rel=“noreferrer”) is an HTML attribute involved specifically in web privacy and security. The noreferrer attribute is primarily used for external links, instructing the user’s browser to exclude the HTTP referer header when navigating from one site to another and preventing external sites from tracking traffic sources.
It’s like telling the browser, “Hey, when a user navigates to a third-party site, don’t share where they’ve come from.” So when someone clicks a link from your site to another, the destination site won’t see that the user’s visit originated from your website.
Learn more: Interested in broadening your SEO knowledge even further? Check out our SEO glossary, where we’ve explained over 250+ terms.
Noreferrer Use-Cases 👇
Why would you wish to prevent an external site from tracking traffic sources? Let’s explore some use-case scenarios:
- Websites that prioritize security might use noreferrer to reduce the risks posed by malicious sites gaining access to site data, limiting the potential for exploitation through the referer header.
- When a browser doesn’t have to send referrer information, it can reduce the amount of data transmitted, leading to marginal page speed performance gains.
- Some site owners might prefer not to let external sites know they are sending traffic their way, especially if they monitor their analytics closely, preventing the destination site from identifying them as the traffic source in their analytics tools.
- If a website links to another site but doesn’t want to appear as endorsing or being associated with it, using noreferrer helps maintain distance—particularly useful when linking to controversial or unrelated content.
- For websites with strict privacy policies, using noreferrer aligns with their commitment to user privacy by not sharing referrer information with third-party sites.
Why Is Noreferrer Important?
Let’s dive into why noreferrer is more than just a piece of code—it’s a catalyst for privacy.
Enhancing Website Security
The referer header typically tells the destination website where website traffic is originating. As we just explored, by blocking this information with noreferrer, you’re effectively shutting a door that could potentially let cyber threats sneak a peek at your site’s traffic patterns. It’s a simple yet effective way to boost your website’s privacy and security, keeping those digital peeping Toms at bay.
Specifically, using the noreferrer tag will protect these potential security and privacy risks:
Exposing Source Page URL
The referer header typically includes the full URL of the page where the request originated—potentially exposing information that could be used to identify the source of traffic, which might be sensitive in some contexts.
User Tracking and Profiling
A nefarious actor could track users’ browsing habits and preferences by collecting referer headers across various sites. Data that could be used for targeted phishing attacks, advertising, or other forms of manipulation.
Website Structure Knowledge
The referrer URL may reveal the structure of the source website, including directory paths and page names. Information that could be used in targeted attacks against the website, such as attempting to access unprotected directories or exploiting known vulnerabilities in specific page types.
Cross-Site Request Forgery (CSRF) Attacks
If a website is vulnerable to cross-site request forgery (CSRF) attacks, the referer header could be used to craft malicious requests that appear legitimate, potentially leading to unauthorized actions on behalf of the user.
Referral bombing involves a large number of requests with a fake referer header to be sent to a site. If the site publicly displays referral data (like in analytics reports), this can skew data or be used to display inappropriate or malicious URLs.
The SEO Angle
The noreferrer tag doesn’t directly impact SEO and search engine rankings, but it does in indirect ways. Let’s explore how.
Indirect SEO Benefits
Search engines like Google are big on user safety. They’re constantly tweaking their algorithms to favor secure websites. By using noreferrer, you’re slamming the door on potential security risks, making your site a safer place for visitors. This safety-first approach is something search engines appreciate and can indirectly boost your site’s standing in search results.
User Engagement Metrics
Security isn’t just about keeping the bad guys out. It’s about keeping your visitors in. A secure site encourages users to stick around, dive deeper, and engage more. These positive user engagement metrics, like lower bounce rates and longer session durations, are green flags for search engines and can positively influence your SEO rankings.
Link Building Context
Here’s a nugget for the link builders out there: while noreferrer keeps referral data under wraps, it doesn’t impact the link juice (link equity) of the backlink. So, rest easy knowing that the juice is still flowing, even if the traffic source is hush-hush.
Learn more: link building basics.
Building Trust and Reputation
A trustworthy site attracts repeat visits, social shares, and backlinks. These are all positive signals to search engines, indicating that your site is a valuable resource worth ranking higher.
Future-Proofing Your SEO
In the ever-evolving world of SEO, staying ahead of the curve in security practices, like using noreferrer, prepares your site for future algorithm updates. Search engines are increasingly prioritizing user privacy and security, so getting on board now is a smart move for the long run.
Noreferrer in Practice
When it comes to the practical application of noreferrer, there are a couple of key areas where its impact is particularly noticeable. Let’s explore.
WordPress and Noreferrer
WordPress users take note. WordPress has started to automatically add the noreferrer tag to external links. This move, aimed at enhancing security and privacy, means that when you link to another site from your WordPress blog or website, it automatically includes the noreferrer attribute.
It can obscure valuable referral data, making tracking where your traffic comes from harder—just something to be aware of.
Affiliate Marketing and Noreferrer
Typically, affiliate marketing relies heavily on tracking where traffic comes from to attribute sales or actions correctly. With noreferrer used on affiliate links, this tracking can become less transparent, potentially affecting how affiliate sales are credited.
So, what’s an affiliate marketer to do? You can use other tracking methods or tools that don’t rely solely on referrer data, including UTM parameters or specialized affiliate tracking software. It may also be a good idea to contact your affiliate programs. Discuss how they handle noreferrer-tagged traffic and explore if there are alternative ways to make sure your traffic is correctly attributed.
Q1: How Does Noreferrer Differ From Noopener and Nofollow Attributes?
Noreferrer removes referrer information when linking to another site, enhancing privacy. In contrast, noopener prevents the new page from controlling the originating page, boosting security, while nofollow tells search engines not to follow a link, influencing SEO.
Q2: Is Noreferrer Necessary for Internal Links?
Noreferrer is primarily used for external links to enhance privacy. For internal links within the same domain, it’s generally not necessary as the referrer information remains within the same site and is not considered a security risk—unless you plan on sabotaging your website.
Q3: Can Noreferrer Negatively Impact My Site’s SEO?
Noreferrer does not negatively affect SEO rankings. In fact, it enhances website security, which search engines value, indirectly benefiting SEO. It maintains referral data privacy without impacting link equity, supporting the site’s trustworthiness and long-term SEO health.
Conclusion and Next Steps
Grasping the ins and outs of noreferrer is just the beginning of your SEO journey. That’s where Loganix steps in. We’re not just about theory—we’re about action.
Think of us as your SEO toolkit, packed with everything from in-depth audits to bespoke content strategies.
🚀 Swing by our SEO services page, and let’s chase down your SEO goals together. 🚀