How to remove sessions ID in Oscommerce 2.3 URLs

How to remove or hide session ID from oscommerce URLs

After installing SEO ultimate URL (for example : Ultimate_SEO_URLSv22d_12) and in order to have more friendly URLs, you should remmember to hide/remove random sessions id generated by spiders access and which can be annoying to your web site indexing.
To “Prevent Spider Sessions“, you must go to your catalog/includes/config.php and be sure that it is like the model below especially for HTTP_COOKIE_DOMAIN :

define('HTTP_SERVER', '');
  define('HTTPS_SERVER', '');
  define('ENABLE_SSL', false);
  define('HTTP_COOKIE_DOMAIN', '');
  define('HTTPS_COOKIE_DOMAIN', '');
  define('HTTP_COOKIE_PATH', '/shop/');
  define('HTTPS_COOKIE_PATH', '/shop/');
  define('DIR_WS_HTTP_CATALOG', '/shop/');
  define('DIR_WS_HTTPS_CATALOG', '/shop/');

After validation, re-set permissions for your file catalog/includes/config.php to 444.
Now connect to backend store Admin Pannel and go under Configuration/sessions :

Make sure that Directory sessions is set to : /temp
hide oscommerce id sessions

reset the cache

How to remove session ID appended URLs from the search engine index

Now let us suppose that you forgot for some reason to do that when launching your shop.
Then you will have several URLs indexed by spiders with the session ID appended. This situation is troublesome and there are a few options to handle referrals sent through the “wild” session ID URL.

However, the true solution to the problem is to REMOVE THE SESSION ID’s from the search engine index.
In includes/application_top.php find this code:

// include the language translations
  require(DIR_WS_LANGUAGES . $language . '.php');

Append under it the following code :

if ( $spider_flag == true ){
  if ( eregi(tep_session_name(), $_SERVER['REQUEST_URI']) ){
   $location = tep_href_link(basename($_SERVER['SCRIPT_NAME']), tep_get_all_get_params(array(tep_session_name())), 'NONSSL', false);
   header("HTTP/1.0 301 Moved Permanently"); 
   header("Location: $location"); // redirect...bye bye  

This code will redirect the spider to the non-SID URL with a 301 header and over time will remove the session appended URL from the index.


Since 30 years I work on Database Architecture and data migration protocols. I am also a consultant in Web content management solutions and medias protecting solutions. I am experienced web-developer with over 10 years developing PHP/MySQL, C#, VB.Net applications ranging from simple web sites to extensive web-based business applications. Besides my work, I like to work freelance only on some wordpress projects because it is relaxing and delightful CMS for me. When not working, I like to dance salsa and swing and to have fun with my little family.

You may also like...