Protect Page & Post – Referrer URLs feature’s Limitations

In the Protect Page & Post plugin version 1.0.15, we introduced a new feature Referrer URLs that help customers can configure the white list referral links for protected pages or posts. However, in some cases, the feature cannot work properly because your server is preventing sending HTTP Referer Headers from your WordPress site.

Case 1: Using REL attribute

Ref attribute introduced since HTML 5, one of the values is noreferrer. If the link is having ref=noreferrer, it will prevent the browser from sending the current page address.

Here is an example of using rel attribute:

<a href="http://preventdirectaccess.com" ref="noreferrer">Prevent Direct Access Plugin</a>

Case 2: Using referrer policy

A second approach referrer policy, we can either add a <meta> tag to WordPress website

<meta name="referrer" content="no-referrer">

or add a referrerpolicy attribute the hyperlinks

<a href="http://preventdirectaccess.com" referrerpolicy="noreferrer">Prevent Direct Access Plugin</a>

Case 3: SSL/TLS certificate

If your website is using a SSL/TLS certificate, the referrer header won't be sent if the link is navigating to a site without SSL/TLS certificate.