How can I remove a spam page from my website index?

Shopify store owners discovered spam pages being indexed by Google through exploited URL parameters, primarily affecting /collections/vendors?q= and /search?q= endpoints. Malicious bots create fake URLs by appending spam queries (often FIFA coin advertisements) that get indexed when external sites link to them, despite robots.txt blocking.

Root Cause:
The vulnerability stems from Shopify themes displaying search queries as page titles on zero-result pages instead of returning 404 errors. Google indexes these pages when external spam sites create backlinks, ignoring robots.txt directives.

Community Solutions Implemented:

• Add noindex meta tags to vendor/search pages with zero results
• Modify theme.liquid to prevent spam text in titles
• Update collection-content.liquid to display 404 messages for empty vendor queries
• Use Google Search Console’s temporary removal tool for bulk URL removal
• Avoid Google Disavow tool (recommended only for manual penalties)

Shopify’s Response:
After community pressure, Shopify deployed fixes making /collections/vendors?q= pages return 404 status. Similar fixes were implemented for search pages and web-pixels-manager spam. However, new variants continue emerging (e.g., /collections/all/ spam).

Current Status:
The /vendors?q= issue is largely resolved. Affected stores report gradual deindexing over weeks, with SEO rankings recovering. Store owners should verify noindex implementation and ensure robots.txt doesn’t block crawlers from seeing 404/noindex responses.