I had an interesting client issue recently - first they were alerted to the typical "404 error page" warning message received from Google Search Console. At first I thought it was a non-issue; there was an old page on the site that had been deleted, hence the new 404 error. Nothing to cause concern - this was a /profile/ based page, and from my understanding of the site those pages had no real value to users or search engines.
Switching to the overview performance report what did catch my attention was a huge traffic spike just a few days ago. I wondered if a particular event or piece of marketing activity was the cause of this - and when filtering to that date period I could see it was due to a "spam attack" (of sorts) on the site.
What are Wix member profile pages?
I still don't understand why Wix does this (apparently by default), but if your Wix site has a blog it's likely that this kind of "social network" functionality is included by default. You can follow other users/authors on the blog, and can comment on previous posts, as well as having the function to create your own profile.
This member profile feature was being abused heavily - those pages were targeting spammy queries, and somehow Google had started to pickup and index those pages a few days ago, somewhere between April 22nd and 25th.
This caused a big spike in organic traffic as those pages began to rank well on Google, delivering lots of traffic to my clients site. Just when I thought it was a result of my stunning SEO skills!! 🤪
You can check out an example of a super spammy Wix user profile below.
In this case it seems that the spammers will be auto-generated these pages at scale, perhaps targeting Wix or other exploitable platforms, where the profiles then include links to their target pages (a Roblux page in this case).
They either aim to use the target site as a kind of parasite where they can get valuable links to their "money" pages (this might pass SEO value and cause their targeted pages to rank higher on Google), and/or they can get real people to click through the link to hit their money page. I'd guess the latter option is the target here. Either way they don't really care, but I'm sure your client will if it affects their site! 😬
How to fix the issue and prevent it happening again?
My first port of call was to get those results out of the search index and sharpish! Because they're based on the same URL prefix I could use the "temporary hide search results" feature in Search Console, making use of this URL prefix:
This would remove all search results that contain that URL which to me was no issue as there was nothing of value served by any pages at those URLs.
This would temporarily hide those results for 6 months - my understanding is that it's quite a quick fix on Google's side, but it won't last forever and doesn't at all solve the root problem.
My priority at this point though was to get them removed as it wasn't great to have the client hosting such content. It could be a bit of a PR nightmare on the off chance it was picked up by anyone, largely as they were hosting software links that were of questionable legality.
Once complete, I then moved over to Wix's backend to see if I can figure out a solution.
I found that if you head to the PrivateMembersData section, within the Content Manager (note you have to be in the Wix Site Editor to be able to open this), you can then see all those profiles and do a quick assessment for quality. In my case there were over 600 spam records!
I couldn't delete any of these as I had Read-Only access. So I had to figure a way for the Wix admin (my client contact) to grant this access.
Once those records were removed, the pages themselves should return a 404 error and slowly start to drop out of Google's index, at least in theory. A better fix would be to return a 410 status code for all those member URL's to ensure search crawlers drop those results a lot quicker, and never to serve them again. Alas, this 410 status code serving doesn't seem to be an option to us in Wix, at least from what I can tell.
If you could add the list of 410's to the site you could then create a "super-spammy-pages.xml" sitemap which lists all those spam pages, before submitting to Search Console, Bing Webmaster Tools and anywhere else, just to give the crawlers a quick way to find all those 410's and speed this process up...
Only when those results have been dropped by the crawlers could you then look at disallowing access to the /members/ page via robots.txt - which thankfully Wix now allows you to do. You can also look to prevent users (spammers) from creating a member profile page ever again on the site by deleting the Members Area feature in Wix.
As an additional temporary measure I enabled an option that requires any profiles to be manually approved before going live, which seems the least we could do to manage the problem and prevent it growing exponentially.
Final thoughts on dealing with Wix member spam
I found this one an interesting one, in particular the fact that Google somehow found and indexed these pages very quickly over a period of 2-3 days in April. What caused them to do this - perhaps it was some change on Wix's side?
From doing some rudimentary Google searches I could see too that many other Wix based sites had been hit in this way, it wasn't just specific to my client site. I imagine lots of Wix sites out there are inadvertently hosting these spam member profiles without really knowing about it.
If you've been hit with the issue try removing those search results from Search Console following the advice above, and then pester your web developer to help you out.
I know Wix have been making great strides at improving their product, particularly with SEO and speed in mind, but this incident won't win them many SEO fans - I'd much rather put my time into more meaningful SEO activities than dealing with all this nonsense. 😎
Give me a shout if you're looking to hire an SEO consultant - helping you to spot and resolve issues like the Wix spam above!