[pmwiki-users] PHP session IDs in url

Patrick R. Michaud pmichaud at pobox.com
Sat Feb 17 09:50:07 CST 2007


On Sat, Feb 17, 2007 at 04:34:10PM +0100, Jens Schiffler wrote:
> Brian <brianbashi at gmail.com> on Sat, 17 Feb 2007
> >   Google is indexing some of my URLs with a session ID, ie.
> >   www.mysite.com/page?PHPSESSID=dbc90542f26712aa6dc4f51567d389fb
> > 
> >   Is it possible to prevent this? Many say its bad for SEO.
> 
> try setting 
> 
> ini_set('session.use_only_cookies', true);
> ini_set('session.use_trans_sid', false);
> ini_set('url_rewriter.tags','');

Note that even after doing this, Google may still continue to
display the page in its index using the ?PHPSESSID= parameter
(since it has it stored that way in its cache, and links coming
to the site from other locations may still have the ?PHPSESSID=
parameter in them).

We could modify scripts/robots.php such that any search 
engine robots that visit a site with PHPSESSID in the url
are given an appropriate error response, such as 
"301 Moved Permanently", "410 Gone", "403 Forbidden", or 
"404 Not Found".

One possible downside is that if a robot only ever finds 
links with PHPSESSID in them (due to PHP misconfiguration), then 
the site might never be indexed.

Comments?  Anyone in favor or against?

Pm



More information about the pmwiki-users mailing list