Known Affiliate Link Issues

If a substantial amount of the affiliate traffic (affiliated link clicks) is invalid due to an EMPTY_REFERER error, most likely, it’s related to one of the following issues:


WordPress 4.7.4 comes with a security addition to TinyMCE which automatically adds a rel=”noreferrer” attribute to all links. The special directive explicitly hints the browser to not share the referrer URL with the target page, which means that unless you set your Affiliate Program terms to allow traffic from anywhere if the referrer is missing the traffic will be considered as invalid. The fix is very simple: ask your affiliates to remove the noreferrer tag from the affiliated links:

Good: <a rel=”noopener” href=”//”>text</a>
Bad: <a rel=”noopener noreferrer” href=”//”>text</a>

Inconsistent Protocol with Default Referrer Policy

When a Referrer Policy of the linking site is not set the policy defaults to no-referrer-when-downgrade. This policy determines that the referrer is only sent when the protocol security level stays the same. This means that if the affiliated link is HTTP and the page is loaded via HTTPS (or vice versa) the referrer won’t be sent, due to the difference in protocol security level. To avoid this situation tell your affiliates to simply use links without specifying the protocol:

Good: <a href=”//”>text</a>
Bad: <a href=””>text</a>

Was this helpful?

Previous Article


Still need help?

If searching the knowledge base does not help you, please contact support.

Fast and easy to use WordPress Security

Instantly protect your website from 600+ million bad IPs

10% OFF

Subscribe to our newsletter

* We do not spam or share your email

Discount on any Security Ninja plan

and get

Hi and welcome back :-)

We won't spam you. Unsubscribe any time.

Wait! Before you go!

Get 10% discount for any WP Security Ninja plan!


Subscribe to our newsletter for new releases, discounts and general WordPress Security news. Sprinkled with other interesting stuff :-)