utra Posted October 11, 2005 Share Posted October 11, 2005 Hello community. I have a strange problem related to force cookies and session id's. The last few hours I searched and tried every solution I've found here without success. I'm getting hammered by googlebot and slurp a few thousand hits per day and they only get to see the cookie_usage.php wich is driving me insane ;-( Ok, this is my config: define('HTTP_SERVER', 'http://www.dgbrillen.de'); define('HTTPS_SERVER', 'http://www.dgbrillen.de'); define('ENABLE_SSL', false); define('HTTP_COOKIE_DOMAIN', 'dgbrillen.de'); define('HTTPS_COOKIE_DOMAIN', 'dgbrillen.de'); define('HTTP_COOKIE_PATH', '/'); define('HTTPS_COOKIE_PATH', '/'); define('DIR_WS_HTTP_CATALOG', '/'); define('DIR_WS_HTTPS_CATALOG', '/'); define('DIR_WS_IMAGES', 'images/'); define('USE_PCONNECT', 'false'); define('STORE_SESSIONS', 'mysql'); Running on a shared host with apache and php 4.3.10 Links: http://www.dgbrillen.de and http://www.dgshades.com (both have the same problem and are sharing 1 mysql with the files installed under different domains) The problem is: force cookies = False AND prevent spider sessions = ON, no PoodlePredictor entry in the spiders.txt - everything looks fine but with session id's. force cookies = False AND prevent spider sessions = ON, with poodle or predictor included in the spiders.txt - PoodlePredictor get's to see the cookie_usage.php but nothing else. force cookies = True AND prevent spider sessions = ON, with poodle or predictor included in the spiders.txt - PoodlePredictor get's to see the cookie_usage.php but nothing else. force cookies = True AND prevent spider sessions = OFF!!, with poodle or predictor included in the spiders.txt - PoodlePredictor get's to see the cookie_usage.php but nothing else. force cookies = True AND prevent spider sessions = OFF!!, no PoodlePredictor entry in the spiders.txt - PoodlePredictor get's to see the cookie_usage.php but nothing else. force cookies = False AND prevent spider sessions = OFF, - everything looks fine but with session id's. PoodlePredictor: (www.gritechnologogies.com/tools/spider.go) I can't see any logic behind this and obviously don't know where to start. Any help, hint or idea would be phantastic and greatly appreciated. Thanks for your input on this. Best regards, Thomas Link to comment Share on other sites More sharing options...
♥Vger Posted October 11, 2005 Share Posted October 11, 2005 Force Cookie Use only when you use no ssl or when you use a full ssl cert. It does not work when you use a shared ssl, as both http and https cookie domains must match (osCommerce checks to see that they match). If spiders have previously visited your site and created a session id then when they come back, and you have set Prevent Spiders Sessions to 'true', they will initially end up on the cookie_usage.php page. But they will soon learn and come back again without a session id and spider your site again. Vger Link to comment Share on other sites More sharing options...
utra Posted October 12, 2005 Author Share Posted October 12, 2005 Hello Vger and thank you for jumping into this. I'm a bit mixed up now. Do you think that everything is alright with my shop? I've set force cookies to OFF now because because I'm going to install a shared SSL later these days. But where I'm not shure is: force cookies = False AND prevent spider sessions = ON, with poodle or predictor included in the spiders.txt - PoodlePredictor get's to see the cookie_usage.php but nothing else. I mean... this Spidersimulator don't come with stored session ID's from a earlier visit. How come he end up on the cookies_usage? I tested this with other simulators as well with the same effect. I truly believe after all I read here that there is something wrong. Is there a other way to check or verify this? Thanks, Thomas Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.