0 Replies - 187 Views - Last Post: 30 January 2014 - 10:42 AM

#1 ge∅  Icon User is offline

  • D.I.C Regular

Reputation: 62
  • View blog
  • Posts: 476
  • Joined: 21-November 13

Magento, sessions and domains management

Posted 30 January 2014 - 10:42 AM

Hello world,

I have recently moved a Magento ecommerce site on a virtual private server.

Just so you know, the store is located in the /var/www/mysite/ folder. I manage domains on my server with a simple rewrite rule in a .htaccess located in the /var/www/ folder.

Since I've done the server migration, Magento is adding a ?SID parameter at the end of all my URLs, which is very annoying for SEO (and also a security risk to my mind).

According to the support team, Magento is doing this automatically when a change in the host name is detected, so the session would be transferred, without cookies, to the next page (in case you have multiple stores for example).

The problem is that I do not have multiple stores and I do not use different domain names (I always use the www subdomain) : when I enter in my browser's address bar the same URL as the base URL set in the Magento rewrite settings, Magento will still add a damned session ID at the end of my URLs.

I've found a solution on the web : changing the $_useSessionInUrl variable to false in the /app/code/core/Mage/Core/Model/App/App.php file. It works great on the frontoffice, but I can no longer log in the backoffice : when I enter the correct login and password, the form sends me back to the login page (with no error feedback).

I've tried to empty my browser's and Magento's cache with no luck.

I know this is a very specific question, but does anyone know what's going on ?

Thank you all.

Is This A Good Question/Topic? 0
  • +

Page 1 of 1