PHPSESSID in your URL? Learn to 301 redirect them with PHP

I’m doing some work on a site which has like 4,500 pages indexed with a PHPSESSID in the URL, causing some major duplicate content problems. I got the server admin to disable the PHPSESSID’s by adding the following to the vhost config:

php_value session.use_trans_sid 0
php_value session.use_only_cookies 1

I also wanted Google to get a clean URL when it decided to spider one of the old URL’s again, and didn’t have access to mod_rewrite, so I redirected them with some PHP. The solution is quite simple:

if (isset($_GET['PHPSESSID'])) {
	$requesturi = preg_replace('/?PHPSESSID=[^&]+/',"",$_SERVER['REQUEST_URI']);
	$requesturi = preg_replace('/&PHPSESSID=[^&]+/',"",$requesturi);
	header("HTTP/1.1 301 Moved Permanently");
	header("Location: http://".$_SERVER['HTTP_HOST'].$requesturi);
	exit;
}

Become a Yoast SEO plugin expert!

  • Master the Yoast SEO plugin
  • Get the best settings for your site
  • Don’t miss out on awesome features
  • On-demand SEO training by Yoast
More info

19 Responses to PHPSESSID in your URL? Learn to 301 redirect them with PHP

  1. Misko
    Misko  • 10 years ago

    Hi!
    Where did you change/put that code exactly? Where is the “vhost config”?
    thanx a lot!

  2. Boogie
    Boogie  • 10 years ago

    Hi, thanks für this easy to use solution.
    I modified the regexp code:
    $requesturi = preg_replace(‘/[.|?|&]PHPSESSID=[^&]+/’,””,$_SERVER[‘REQUEST_URI’]);

  3. Scritube
    Scritube  • 10 years ago

    PHPSESSID can’t be used for that.

    but try on you header :

  4. Milan
    Milan  • 10 years ago

    And how to stop WordPress and other scripts from creating cookies with PHPSESSID? I don’t see their use and they are only wasted bandwidth.

  5. Crispijn
    Crispijn  • 11 years ago

    Very nice feature! I solved the prob really quick!

  6. OK85
    OK85  • 11 years ago

    But by using the redirection you will loose all data stored in sessions, don’t you?

  7. Robert
    Robert  • 11 years ago

    I got this problem:
    Warning: preg_replace() [function.preg-replace]: Compilation failed: nothing to repeat at offset 0 in …

    and solved it like that:

    $requesturi = preg_replace(‘/&PHPSESSID=[^&]+/’,””,$_SERVER[‘REQUEST_URI’]);
    $requesturi = preg_replace(‘/PHPSESSID=[^&]+/’,””,$requesturi);

  8. fra
    fra  • 11 years ago

    hi joost
    i am having the same problem here. since i dont know anything about coding i wanted to ask you if i have to place the second code you provided in this post in the php.ini file as well…thanks!

  9. Chris Brown
    Chris Brown  • 11 years ago

    Thanks for sharing. Very nice trick :)

  10. Dainų tekstai
    Dainų tekstai  • 11 years ago

    Thanks for it. Very useful. But there is any solution with PhP to leave previos url when page redirect to new page?

  11. Jens
    Jens  • 11 years ago

    Short and sweet. I really have problems with Session-IDs in WordPress. I will try your hint! But I really wonder, that there is no wordpress plugin for the redirection of session-id-spamed urls… should not be too difficult…

  12. Joost de Valk

    no probs, I just know they don’t like it when you link to a local mirror :)

  13. Arjan Eising
    Arjan Eising  • 12 years ago

    Ah damn, sorry for that one. PHP.net automatically redirects to the Dutch version, so I didn’t notice it.

  14. Joost de Valk

    very true Arjan, thx! (and sorry, I edited your comment to change the link to php.net instead of nl.php.net :) )

  15. Arjan Eising
    Arjan Eising  • 12 years ago

    Thanks for sharing this Joost. Note that if you haven’t access to the ini files, this parameters can set by using the ini_set function.


Check out our must read articles about PHP