Google indexing PHP Session Ids

avwebnet

2008-01-16 19:39:58

Votes: 0

Google just indexed our website and is recording session ids in the URL.

http://www.google.com/search?q=site:www.praylancaster.com

How do we strip the sessions ids from the url being indexed? In some cases I have heard that this is a security risk.

Its a bit strange because there is not a session id showing in the address bar when I browse the website.

» freeware Quick.Cms.Lite v2.x

-------------------------------------------------------
AV Web Designs

treewood OpenSolution 2008-01-17 08:51:13 Votes: 0	avwebnet - very strange but contact to server admin and ask to change store session from urls to for ex: cookie

avwebnet

2008-01-18 00:05:29

Votes: 0

My server admin says:

I think what's happening is possibly the google bots don't support cookies,
so the minute they see your site, the session_start() tries to do the
cookie, which it can't, so it starts pending the session ID to the
URL.

You can probably see the same thing by turning off cookies in your
browser and going to your site. My guess is the session ID will
appear in the URL. That's the default behavior for PHP sessions,
according to my information.

That's the only thing I can think of that's happening.

-------------------------------------------------------
AV Web Designs

treewood
OpenSolution

2008-01-18 08:41:17

Votes: 0

avwebnet - ok then another way is that but You will lose one function
1. Go to settings in admin
2. Change "Administrator is able to see hidden pages" and give "NO".

If You want to have "Administrator is able to see hidden pages" to Yes then You must try to do this:
1. Edit index.php
2. Change


if( HIDDEN_SHOWS === true )
  session_start( );


if( HIDDEN_SHOWS === true && isset( $_COOKIE['sLogin'] ) )
  session_start( );

Page: | 1 |

If You want to do this operation, please log in first ».
If You don't have an account please register ».