In Dangerous.
Shopify has a bug in the path of “collections/vendors?q=XXXXXX”. And someone has used this to create a lot of spam links and have a severe impact on the SEO. CAN SOMEONE know how to solve it? We have tried the redirect but not work.
We asked Shopify for 2 weeks but no reply for this.
That url is not a bug. The vendors filter is a useful way to filter things so does have value. The XXXX is a search parameter, so that parameter can be shown in certain places.
Why are you calling it a bug - what’s broken?
If your theme is defaulting to outputting whatever is put into XXXX there’s some strategies you can employ here. For example, I would often adjust the theme code so that if a vendor contained more than one space the I would choose to not render any content (or at least not render the title). Same thinking could be applied to some logic rules around the length, etc.
What steps have you taken so far?
Have you also looked at editing the robots file?
Hello There,
Read this article :- link
{%- if group.user_agent.value == '*' -%}
{{ 'Disallow: /collections/all*' }}
{{ 'Disallow: /*?q=*' }}
{{ 'Disallow: /collections/*/*' }}
{%- endif -%}
Hi Jason
Thank you for your feedback. someone has created more than 4,000,000 spam links using this bug to google and our website is under monitoring. The spam link touches the optimal search engine punishment mechanism and now are traffic hs been limited and just half of before.
And we try to use the redirect in admin but not work.
Yes, we also use the robot to ban but we can not control other people to link to us. Also, they are changing their domain from time to time. As we no need this feature so we hope to ban this from shopify.
Thanks, ZestardTech
And we have made this. But do you have any way to make a redirect in the liquid so when there is no result in this path, we can go to the home page manually?
shopify redirect is not working with this path.
Best Regards
Here’s a quick and dirty example:
This link vs this one. That uses the most basic idea of spaces so if it’s long something different is shown. So if you wanted to extend that to a list of excluded words, lengths, etc you can totally do that. I’ve only changed the collection itself but the code would work for things like page title or let you add meta robots tags into the html as well.
The url will never 404 given that it’s a search like endpoint. The control you will have is via the robots file or by changing what content (including the html) that you choose to return.
If this is something people are really interested in I’ll look to make a larger blog post with some code to steal for inspiration (and paste it here too)
@Jason
I’m curious to know how you have done this, because clearly GSC is saying they indexed all the spam pages “even though they are disallowed by robots.txt”.. so I’m in a similar case with 236k spam pages created in the last days. After a few test on other shopify websites it’s quite easy to just enter a link like “yourshop.com/collections/vendors?q=spamtext”, then it generates a page with your spam text as an H1…
The solution of not displaying the title if there are spaces in the title is probably a good first option, but what if the spammer doesn’t use spaces ? would be great to find an option to just disallow any non-existing vendor request and just display a 404 for example ?
If you have a solution for it I’d be glad to hear it ..
Thanks for the tip though
This is a Bug
and all they got to do is to remove the rendering of XXXXXX on the page
That way, it can keep its usefulness
I still don’t consider it a bug but rather how the theme chooses to output the content. Theme alteration would let you remove the rendering of XXXXX.
That said, I can can see impact so will still poke around and raise it with the Shopify crew.
I will (will take me a little bit as I’m flat out at the moment) get some theme code down that would be useful for others to use as inspiration for first steps.
I don’t see a path where the page will 404 - much like how a search page won’t. Some form of vendor cross reference could be possible in the theme depending on how many you have. If you have a small number that can work. I’ll add that into the code example I write.
Thanks. It’s a bug from a theme, then. I’ll report to the theme developer. This is what got indexed in google..
the theme devs have a point:
this is 100% a Shopify issue - it would do the same in any theme. Shopify should investigate this issue and fix it.
It would not be difficult for Shopify to check if the URL matches a vendor and show a 404 page if not. That would be the correct behavior, and a theme cannot do this, only Shopify, since they control the URLs.
We’ve looked into this as we have had a few support tickets from merchants about it recently. It seems that the abuse of this flaw is increasing.
The “/collections/vendors” page acts as a search, searching for user-entered content and displaying it on the page. I believe “Disallow: /collections/vendors” should be in all robots.txt files to mitigate against this, just as the search page is.
Hello
I have the same problem and I am not the only one
How did you solve it?
The response from shopify support is off topic and they don’t want to act.
Same issue here. Shopify needs to fix this, here’s a search showing 46,000 stores with the same spammer as we just got.
we can only report to google search console
I’m having a similar issue. Apparently on Nov 22 via Google console there were 12 links added that actually showed as empty vendor collections ( I have no vendor option available on my site) that started with ?q= and various company names that I’ve never heard of. I followed these directions on how to create and do a simple edit of a robot.txt file and sure enough one of the examples happened to be ?q= and how to disallow it. https://shopify.dev/themes/seo/robots-txt?shpxid=581a35e4-EFDF-49F9-772E-29360CA90459#add-a-new-rule-to-an-existing-group
If it wasn’t an issue they wouldn’t have shown it as an example. Thank goodness they did and that was the only change that I needed and made, hope it works.
{
{% for group in robots.default_groups %}
{{- group.user_agent }}
{%- for rule in group.rules -%}
{{ rule }}
{%- endfor -%}
{%- if group.user_agent.value == ‘’ -%}
__{{ 'Disallow: /?q=*’ }}__
{%- endif -%}
{%- if group.sitemap != blank -%}
{{ group.sitemap }}
{%- endif -%}
{% endfor %}
I’m not sure it’s the theme since I just purchased and switched to a new theme on Dec 21st from my Out of the Sandbox theme that I had for over 4 years. The current crawl showed on Dec 24th via Google on the new 2.0 compatible theme from a different company.
I have the same twicsy links as well as vendors?q=Kratom.org+Kratom+Strains.
https://duckduckgo.com/?q=vendors%3Fq%3DKratom.org%2BKratom%2BStrains&t=brave&ia=web
Hi,
I am being hit with this problem now! (I know this discussion dates back June 22). Over 150 spam links already using my collections/vendor and being seen by Google as our content.
Is the code modification you suggested all it requires to solve the problem? or are these robots known to find different ways?
Many thanks!
