Skip to main content

Session ID

A Session ID it is an identification number that is generated on the server side to assign user requests to a session. This ID is stored locally with the user and is transferred in the form of cookies or as a URI (Uniform Resource Identifier) attribute.

How does it work

The data of the last session that is stored on the server side can be entered using the user's session ID. The browser receives the corresponding data. This method is mostly useful in the field of e-commerce. The client will be able to see the shopping carts with the posts not bought or last seen from their previous session.

In order to give a unique identification to a user, the session ID must be available on the server for each request. The server assigns the associated data to the client. If no IDs exist, the server treats the request as new and creates an unused session ID as a result.

Session ID as cookie

Session identifiers can be stored locally as cookies on the client side. When a request is made to the server, the server transmits the cookie containing the session ID. The server has stored the session ID and associated information from the last session and makes it available to the client if the session ID matches.

Session ID as URI attribute

User requests can be executed by clicking a link or submitting a form. The web portal URI is modifiable and contains the session ID. This creates a unique bond.

For example, the link is no longer at:

but below:

Tracking these unique links is still difficult for search engines. Implementing a consistent URI attribute requires a lot of programming. At the same time, the user and also the operator will have the disadvantage that these links cannot be bookmarked. This prevents the user from returning to the page.

Session ID Security

By modifying their session ID, a customer can attempt to access a session ID of another user. It is feasible to discover and manipulate the stored session ID data.

To make it impossible to guess the session ID of other users, the server generates it from a very wide range of values. This keeps the probability of a randomly called session ID very low.

Relevance for SEO

A session ID can be problematic for search engine optimization. In conclusion, session identifiers allow content to be entered at a different URL each time the crawler is visited. If Googlebot crawls a website with session identifiers a second time, a post will appear that was indexed the first time under a new URL because the session identifier is no longer the same. This can be seen as duplicate content, which in the worst case could lead to the subpage being removed from the index. At the same time, despite everything, the previously crawled URL also issues an error message when the session ID expires and the content is no longer found in the web address. If there is no strong reason to justify the use of session identifiers, ideally they should be dispensed with entirely.

Web Links