Willkommen, Gast ( Anmelden | Registrierung )

Reply to this topicStart new topic
> phpsessid abschalten, damit sie in Google nicht mehr auftaucht
Wertung 5 V
Beitrag Jan 20 2007, 14:01 PM
Beitrag #1


Gruppe: Admin
Beiträge: 552
Mitglied seit: 1-June 05
Wohnort: germany, hassia, bickenbach
Mitglieds-Nr.: 1


Session IDs in PHP can cause some real problems when search engines index your pages. For this reason, you should disable PHPSESSID on your sites, and keep session IDs in cookies instead. If you disable PHPSESSID in the URL, this can become a usability issue, as all visitors must have cookies enabled to make use of any code that requires sessions (such as login scripts).

Why disable PHPSESSID?
If a visitor comes to your site with cookies off, PHP will automatically add PHPSESSID into the URL of every page. This is the way of maintaining state between pages.

Because many search engines spider your site with cookies off, they will see the version of your URL with the session ID included. A number of search engines will include the session ID in the index, and it can be hard to get rid of.

Session IDs in search engine indexes are ugly. They don't look good, and confuse the visitor as to the real content on the page. It clouds your pristine search result with technical rubbish, you lose that lovely whitespace around your listing that will attrack searchers to your listing.

Worse, having PHPSESSID in a search result can cause duplicate content issues, and Google is unlikely to give out PageRank to a URL including a PHPSESSID.

How to Disable PHPSESSID
It's always best to approach the problem from several angles. Consider the following objectives...
  • Prevent search engines from being given a PHPSESSID in the first place.
  • Redirect any visitor that comes into the site with a PHPSESSID in the URL.
  • Remove existing listings in the search engine indexes that already have PHPSESSID included
I'll assume for this you have PHP, since we are talking about PHP sessions here...

Preventing PHPSESSID from appearing
Also assuming your webserver is Apache, insert the following code into .htaccess to prevent session IDs from appearing
php_value session.use_only_cookies 1
php_value session.use_trans_sid 0
Redirecting visitors
Step 2 is to redirect all visitors that come into the site with a session ID from an outside link. The logic I use here is a little more general, because I firmly believe in the rule "one page, one URL".

Consider the following code, on every page of your site...
$actualurl= 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
       $correcturl = 'http://www.ragepank.com/articles/26/disable-phpsessid/';
       if ($correcturl != $actualurl) {
           header("HTTP/1.1 301 Moved Permanently");
           header("Location: " . $correcturl);

If you try coming into this page with a PHPSESSID attached, this code will detect that the URL is wrong, and 301 redirect you to where you should be. This code takes care of session IDs, but also ALL other kinds of duplicate content issues. This code has the URL hard-coded into the script - normally you would use code to decide what the URL should be, detending what query string variables you are expecting.

Telling Google
Now that your redirections are working, you need to tell Google to update it's index and get rid of those ghastly session IDs. This next concept might seem a little strange, so bear with me.

You need to link to the pages that contain the PHPSESSID, including the PHPSESSID. Because search engines will never be given the same PHPSESSID twice, they are unlikely to find the exact page with the indexed PHPSESSID again. This is why you should link to it.
  • Visit Google, Yahoo, MSN and search for all indexed pages on your site, eg... "site:ragepank.com".
  • Make a list of all pages containing a PHPSESSID.
  • Create a new page on your website, and link to it from somewhere obscure.
  • Add links to all these PHPSESSID pages on this new page
Search engine robots will find this new page, and follow all the links you created (to the PHPSESSID pages). They will see the 301 redirection in place, and update their index accordingly. Or so the theory goes anyway, in practice this can take months on a small website.
Allow search engines some time to remove PHPSESSID from their index, you can delete this page from your site. It can take several months before engines will remove PHPSESSID from their listings.

This does take time. Once Google indexes a page, it can be difficult to change or get rid of the page. It can happen over time, but normally you need to treat Google like a child, and explicitly say (by using 301 redirects) which URLs you want changed. An old site I used to look after is still getting better search positions on pages that were deleted 18 months ago than the pages that exist - go figure.

This technique does work. The results are nice clean search engine listings, and is definitely worth the effort.

Go to the top of the page
+Quote Post

Reply to this topicStart new topic
2 Besucher lesen dieses Thema (Gäste: 2 | Anonyme Besucher: 0)
0 Mitglieder:


- Vereinfachte Darstellung Aktuelles Datum: 30th July 2021 - 13:40 PM