Shopify Prohibited Items List (2026): What the AUP Actually Bans

Two Documents Decide What You Can Sell

Sellers searching "Shopify prohibited items list" are usually looking for one canonical list. There are actually two governing documents, and they do different jobs:

• The Acceptable Use Policy (AUP) — the platform-wide rules covering what no store may do or sell.
• Shopify Payments terms — a separate, longer list of business categories Shopify's payment processing won't serve, even where the products are legal and AUP-permitted.

A product can pass the AUP and still be unsellable through Shopify Payments (CBD is the classic example — permitted on the platform under specific programs and attestations, but routed through third-party gateways). Always check both. Add a third layer if it applies to you: regulated products carry their own legal regimes regardless of what Shopify allows.

Here's the practical breakdown as of 2026 — and just as important, how Shopify actually enforces it.

What the AUP Prohibits

Shopify's AUP is written as activity categories rather than an exhaustive product catalog. The recurring themes:

Illegal goods and activities. The baseline: anything unlawful to sell, or that facilitates illegal activity. This includes goods that are legal somewhere but not where you're selling them — the seller carries the obligation to know.

Intellectual property infringement. Counterfeits, knockoffs, and listings that infringe trademarks or copyrights. In practice this is the category that hits the most otherwise-legitimate stores, because it covers far more than fake handbags: unlicensed fan art, brand names in titles and tags, logos visible in product photos. Enforcement here runs through Shopify's notice-and-takedown system — a rights holder reports, the content comes down with no pre-removal hearing, and uncountered notices accumulate on your account under a repeat infringer policy with no published strike count. We've mapped that machinery in our trademark takedown guide and repeat infringer policy breakdown.

Firearms and weapons. Restrictions on firearms, certain firearm parts and accessories (high-capacity magazines and similar components), and weapons designed to cause serious harm. US sellers should note the payments layer is stricter than the platform layer here.

Hateful content. Products or content promoting hate or violence against people based on protected characteristics, and support of organizations that do.

Exploitation and abuse. Child sexual abuse material (zero tolerance, reported to authorities), content exploiting minors, human trafficking, and sexual services.

Harassment, threats, and bullying. Includes doxxing — publishing others' private information.

Self-harm promotion. Content promoting or glorifying suicide or self-injury.

Deceptive and harmful practices. Fraud, phishing, malware distribution, pyramid/get-rich-quick schemes, and deceptive medical claims — the category Shopify leaned on heavily during health-misinformation waves, and the one that catches supplement and wellness stores making cure claims.

Restricted regulated goods. Alcohol, tobacco and vape products, CBD/hemp, gambling, pharmaceuticals, and adult content sit in a conditional zone: some are permitted with proper licensing, age gates, attestations, and compliant payment routing; some are payments-prohibited regardless. If your product needs a license to sell offline, assume Shopify expects to see that compliance reflected online.

Spam and system abuse. Unsolicited bulk communications, interfering with the platform, evading enforcement — including the one that matters most for this article: opening a new store to continue activity Shopify already actioned. Ban evasion is its own violation.

How Enforcement Actually Works: Product-Level First, Account-Level Last

This is the part most prohibited-items articles skip, and it's the part that determines whether a violation costs you one listing or your business.

Default: product-level action. When Shopify identifies an AUP violation tied to specific content, the standard response targets the content — the product is delisted or the page removed, and you're notified in your admin with the reason. The rest of your store keeps operating. This is deliberate: Shopify's enforcement posture is to use the narrowest remedy that addresses the violation.

Escalation: account-level action. Store-wide consequences — suspension or termination — are the escalation path, generally reserved for:

• Stores whose core business is a prohibited category (there's no product-level fix for a store that only sells counterfeits)
• Severe categories where a single instance is intolerable: CSAM, terrorism support, threats of violence
• Repeat violations after product-level actions — patterns demonstrate the store, not the product, is the problem
• Willful IP infringement — and this one deserves emphasis: a single sufficiently willful instance can terminate not just the offending store but other stores under the same owner. The repeat infringer policy publishes no strike count, so there is no safe number of complaints to absorb
• Evasion — relisting removed products or opening replacement stores converts a product problem into an account problem instantly

One more thing to be careful about: you'll find merchant anecdotes about payment holds of 120 or even 365 days following terminations. Those are merchant-reported accounts, not published Shopify policy — treat them as a signal that account-level enforcement can have financial tail risk, not as an official schedule.

The Gray Zones That Catch Legitimate Sellers

The stores that get hurt by the AUP are rarely the ones selling obvious contraband. They're ordinary stores drifting into enforceable territory:

• "Inspired by" products. Fan art, dupes, and lookalikes with brand or character names in titles and tags. The IP category doesn't require an exact counterfeit — infringement is enough.
• Product photos with brands in frame. A styled photo where a logo'd item appears, or a stock image you didn't license.
• Health claims. "Boosts immunity," "cures anxiety," "clinically proven" without substantiation moves a candle or tea listing into deceptive-practices territory.
• Weapon-adjacent products. Knives, self-defense items, and airsoft sit near restricted categories and draw review; classification details matter.
• Dropshipped catalogs you never audited. Importing a thousand supplier SKUs imports the supplier's violations. You're responsible for every listing in your store regardless of who wrote it.

How to Audit Your Store Against the AUP

1. Read the [AUP](https://www.shopify.com/legal/aup) and the [Shopify Payments prohibited businesses list](https://www.shopify.com/legal/terms-payments-us) — both, in full. Twenty minutes that contextualizes everything else.
2. Sweep your catalog by category: anything regulated (age, licensing), anything making medical or earnings claims, anything weapon-adjacent.
3. Sweep for IP exposure separately — it's the highest-frequency category. Brand names and character names in titles, descriptions, and tags; logos and protected designs in images; "inspired by" phrasing.
4. Fix forward, not just backward. New products, new suppliers, and seasonal designs reintroduce risk continuously; an audit is a snapshot, not a vaccine.
5. Know the response playbook before you need it. If content is removed, you're notified with options; for IP complaints there's a counter-notice path (with a 10–14 business day window in the DMCA process) — see our counter notice guide — and a defined sequence we've mapped in the complaint timeline. Never relist removed content while a complaint is unresolved; that's the evasion trap.

Want to catch risks like this before a complaint lands? ShopShield scans your product text and images against 850+ high-risk terms and the USPTO trademark database. Start your 7-day free trial.

The Bottom Line

Shopify's prohibited items rules live in two documents — the AUP for the platform, the Payments terms for processing — and enforcement runs product-level by default with account-level action as the last resort. The severe categories are obvious and most sellers will never touch them. The category that actually reaches legitimate stores is IP infringement, where complaints accumulate silently and willfulness can end every store you own. Audit both layers, keep your listings clean as the catalog grows, and the AUP stays what it should be: someone else's problem.