diff --git a/Cargo.lock b/Cargo.lock
index 7ccd2fb..5f116c4 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1008,6 +1008,7 @@ dependencies = [
 "diesel 1.4.1 (registry+https://github.com/rust-lang/crates.io-index)",
 "env_logger 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)",
 "futures 0.1.25 (registry+https://github.com/rust-lang/crates.io-index)",
+ "lazy_static 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)",
 "log 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
 "pulldown-cmark 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
 "rand 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)",
diff --git a/Cargo.toml b/Cargo.toml
index 79e62d7..8f3c8d9 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -14,6 +14,7 @@ chrono = "0.4.6"
 diesel = { version = "1.4.1", features = ["chrono", "postgres"] }
 env_logger = "0.6.0"
 futures = "0.1.25"
+lazy_static = "1.3.0"
 log = "0.4.6"
 pulldown-cmark = "0.2.0"
 rand = "0.6.5"
diff --git a/src/main.rs b/src/main.rs
index 916e86e..a9a8c7f 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -13,12 +13,14 @@ use actix_web::http::header::{
 use actix_web::http::{Method, StatusCode};
 use actix_web::middleware::{DefaultHeaders, Logger};
 use actix_web::{server, App, AsyncResponder, Form, HttpResponse, Path, State};
+use ammonia::Builder;
 use askama::actix_web::TemplateIntoResponse;
 use askama::Template;
 use chrono::{DateTime, Duration, Utc};
 use diesel::prelude::*;
 use futures::future::{self, Either};
 use futures::prelude::*;
+use lazy_static::lazy_static;
 use log::info;
 use pulldown_cmark::{html, Options, Parser};
 use rand::prelude::*;
@@ -196,12 +198,19 @@ fn delete_old_pastes(
 }
 
 fn render_markdown(markdown: &str) -> String {
+ lazy_static! {
+ static ref FILTER: Builder<'static> = {
+ let mut builder = Builder::new();
+ builder.link_rel(Some("noopener noreferrer nofollow"));
+ builder
+ };
+ }
 let mut output = String::new();
 html::push_html(
 &mut output,
 Parser::new_ext(markdown, Options::ENABLE_TABLES),
 );
- ammonia::clean(&output)
+ FILTER.clean(&output).to_string()
 }
 
 fn raw(db: State>, requested_identifier: Path) -> AsyncResponse {
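Review bot: The new `FILTER` static in `render_markdown` carries no comment saying that it is the sanitizer standing between user-supplied markdown and the HTML that is served, nor why the default `rel` set is being overridden, so a reader seeing only `link_rel(Some(...))` cannot tell whether the other `Builder` defaults were meant to be kept. Suggest a comment above `lazy_static!` along the lines of `// Sanitizer for rendered pastes: pulldown-cmark emits inline HTML from the markdown unchanged, so every rendered body must pass through this Builder before it is served. Only the link rel set is customised (nofollow added to ammonia's default noopener noreferrer); tag and attribute allow-lists are ammonia's defaults.` Because this replaces the library-default `ammonia::clean` with a configured instance, a unit test asserting that raw `<script>` and inline event-handler attributes are stripped from the output and that an `<a>` gains `rel="noopener noreferrer nofollow"` would pin the intended behaviour against future `Builder` tweaks. The claim that `Builder::new()` matches the defaults `ammonia::clean` used is from ammonia's documented behaviour, not something visible in the hunk, so it is worth confirming against the pinned ammonia version.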