Missing Noopener Attribute

This error appears when there are external links that open in a new tab without the noopener attribute. Here's what it means and how to add it to protect your site.

What this error means

When a link has the target="_blank" attribute, it opens in a new browser tab. The problem is that without rel="noopener", the page that opens can access your site's window.opener object. That means that external page has the ability to redirect your original tab to another URL without the user knowing. This type of attack is known as reverse tabnabbing. The user thinks they're still on your site, but they've actually been redirected to a malicious page that can impersonate yours to steal credentials or other data. It's not an error that directly affects performance or rankings, but it is a real security vulnerability worth closing. And doing so is as simple as adding an attribute to each affected link. This error usually appears on sites that add target="_blank" to their external links without considering the security implications, or in older templates that didn't include noopener by default.

Why adding the noopener attribute matters

A link without noopener is a door left ajar on your site. It's invisible, it doesn't cause problems, and most of the time nothing happens. But when someone decides to take advantage of it, the consequences can be serious. Adding it is a two-second change that shuts that door completely.

Impact on SEO rankings

Google values security as part of a site's technical quality. While this error doesn't directly penalize rankings, having known security vulnerabilities left unaddressed can affect Google's perception of your site's reliability.

Impact on user experience

If an attacker exploits this vulnerability, the user can be redirected to a malicious page without realizing it. That directly damages trust in your site and can have serious consequences if the page is impersonating yours to steal data.

Negative signals for site quality

Not including noopener on external links with target="_blank" is an outdated practice. In any technical audit, its absence signals that the site's security isn't being managed to current standards.

How to fix it step by step

If this error showed up in your audit, here are the steps to leave it behind.

Step 1

Identify which links have target="_blank" without noopener

Ruk Audit shows you exactly which external links open in a new tab without the noopener attribute. Review them before editing anything and get a clear picture of the full list.

Step 2

Add rel="noopener" to each affected link

For each link with target="_blank", add rel="noopener" in the same attribute. If the link already has other values in the rel attribute, add it separated by a space. You can do this from your CMS editor or directly in the HTML code.

Step 3

Verify that all links are correctly configured

Once the changes are made, check that all external links with target="_blank" have the rel="noopener" attribute correctly applied and that none have been left without updating.

Does your site have this problem?

Audit your website for free and discover if this and other SEO errors are affecting your ranking.

See all the errors we detect