PHPSESSID in your URL? Learn to 301 redirect them with PHP

I’m doing some work on a site which has like 4,500 pages indexed with a PHPSESSID in the URL, causing some major duplicate content problems. I got the server admin to disable the PHPSESSID’s by adding the following to the vhost config:

php_value session.use_trans_sid 0
php_value session.use_only_cookies 1

I also wanted Google to get a clean URL when it decided to spider one of the old URL’s again, and didn’t have access to mod_rewrite, so I redirected them with some PHP. The solution is quite simple:

if (isset($_GET['PHPSESSID'])) {
	$requesturi = preg_replace('/?PHPSESSID=[^&]+/',"",$_SERVER['REQUEST_URI']);
	$requesturi = preg_replace('/&PHPSESSID=[^&]+/',"",$requesturi);
	header("HTTP/1.1 301 Moved Permanently");
	header("Location: http://".$_SERVER['HTTP_HOST'].$requesturi);
	exit;
}

Tags: ,


Yoast.com runs on the Genesis Framework

Genesis theme frameworkThe Genesis Framework empowers you to quickly and easily build incredible websites with WordPress. Whether you're a novice or advanced developer, Genesis provides you with the secure and search-engine-optimized foundation that takes WordPress to places you never thought it could go.

Read our Genesis review or get Genesis now!

19 Responses

  1. Arjan EisingBy Arjan Eising on 30 March, 2007

    Thanks for sharing this Joost. Note that if you haven’t access to the ini files, this parameters can set by using the ini_set function.

  2. Joost de ValkBy Joost de Valk on 30 March, 2007

    very true Arjan, thx! (and sorry, I edited your comment to change the link to php.net instead of nl.php.net :) )

  3. Arjan EisingBy Arjan Eising on 30 March, 2007

    Ah damn, sorry for that one. PHP.net automatically redirects to the Dutch version, so I didn’t notice it.

  4. Joost de ValkBy Joost de Valk on 30 March, 2007

    no probs, I just know they don’t like it when you link to a local mirror :)

  5. JensBy Jens on 2 July, 2007

    Short and sweet. I really have problems with Session-IDs in WordPress. I will try your hint! But I really wonder, that there is no wordpress plugin for the redirection of session-id-spamed urls… should not be too difficult…

  6. Dainų tekstaiBy Dainų tekstai on 13 December, 2007

    Thanks for it. Very useful. But there is any solution with PhP to leave previos url when page redirect to new page?

  7. Chris BrownBy Chris Brown on 14 January, 2008

    Thanks for sharing. Very nice trick :)

  8. fraBy fra on 4 February, 2008

    hi joost
    i am having the same problem here. since i dont know anything about coding i wanted to ask you if i have to place the second code you provided in this post in the php.ini file as well…thanks!

  9. RobertBy Robert on 31 March, 2008

    I got this problem:
    Warning: preg_replace() [function.preg-replace]: Compilation failed: nothing to repeat at offset 0 in …

    and solved it like that:

    $requesturi = preg_replace(‘/&PHPSESSID=[^&]+/’,””,$_SERVER['REQUEST_URI']);
    $requesturi = preg_replace(‘/PHPSESSID=[^&]+/’,””,$requesturi);

  10. OK85By OK85 on 23 April, 2008

    But by using the redirection you will loose all data stored in sessions, don’t you?

  11. CrispijnBy Crispijn on 7 June, 2008

    Very nice feature! I solved the prob really quick!

  12. MilanBy Milan on 23 March, 2009

    And how to stop WordPress and other scripts from creating cookies with PHPSESSID? I don’t see their use and they are only wasted bandwidth.

  13. ScritubeBy Scritube on 31 March, 2009

    PHPSESSID can’t be used for that.

    but try on you header :

  14. BoogieBy Boogie on 16 April, 2009

    Hi, thanks für this easy to use solution.
    I modified the regexp code:
    $requesturi = preg_replace(‘/[.|?|&]PHPSESSID=[^&]+/’,””,$_SERVER['REQUEST_URI']);

  15. MiskoBy Misko on 14 May, 2009

    Hi!
    Where did you change/put that code exactly? Where is the “vhost config”?
    thanx a lot!

Trackbacks