| Re: Is session ID a problem ? |
| by peterr on 2006/3/15 0:18:25 Despite the changes I've made, bots are still hitting the site with a GET like ... Quote:
looks like the only way to really fix it, is a mod_rewrite, to strip the session id from the URL. At presetn, even with the changes advised, the PHPSESSID is turning up in search engines. P |
| Re: Is session ID a problem ? |
| by peterr on 2006/3/14 22:23:45 I _think_ if the server config doesn't let you add the php flag/values in .htaccess, then what you can do, is to have your own PHP.INI The best to do is ask your hosting company, from memory that is what I had to do on another server, and found the best way to start was to copy the 'full' PHP.INI file into your site, and then make the changes. P |
| Re: Is session ID a problem ? |
| by macmend on 2006/3/14 17:21:20 in sorting out the terrible mess I have got in with my server, i find I am not allowed to use php flag entries in .htaccess as they bring 500 errors...is this a problem is there a way round it, it seems some php security on the host server now prohibits this?? |
| Re: Is session ID a problem ? |
| by peterr on 2006/3/8 5:46:20 I added this in .htaccess le="color: #000000"><?php php_flag session.use_trans_sid off and the cookies were already set to 'on', here are the values from phpinfo() Quote:
I can still do this .... http://www.example.com/modules/wflinks/newlist.php?PHPSESSID=ae13f0f2d33dc138573157d429e15782 OR ........... http://www.example.com/modules/xhld0/index.php?PHPSESSID=ae13f0f2d33dc138573157d429e15782 the first url example is what is in the serach engine results, so no doubt I will just have to wait until they do another crawl. From the web server logs, there are several url's that are causing the session ID to be appended, I just tried one, and now the session ID is not there. So, I'll test all the others, and just wait until the next crawls _and_ updates by these search engines. The XOOPS admin/preferences main/general settings has" use custom session - No Thanks, P |
| Re: Is session ID a problem ? |
| by m0nty on 2006/3/8 4:55:04 yup.. old news but still crops up every now n then.. use cookies, and disable trans_sid in php.ini or htaccess etc, and that solves that problem somewhat.. plenty of topics on XOOPS about it if you enter phpsessionid into the search block. |