Even if you mod-rewrite your session ids away (mypage.php?id=5 --> mypage5.htm) your problem still isn't solved: either the SE will pick up lots of identical pages with different names which might put you into trouble. Or they decide not to pick them up at all.

My suggestion: don't use any sessions / session id in public places where spiders drop by. Only use sessions for shopping carts, etc. where spiders are off-limits.

Only use sessions for shopping carts, etc. where spiders are off-limits.

Yes. And I don't think you'd need mod_rewrite. Just stick the id in the url and read it from there.

But personally, I much prefer cookies only. I've only seen 2 or 3 instances in over 8 months where a user didn't appear to have cookies enabled. But then, most of my users don't know what cookies are.

Thanks

How about setting a mod_rewrite condition based on the user agent (spiders) and perform a 301 redirect to the same script, but without the session ID? Any thoughts?

I just found the apache server forum perhaps this would have been better posted there?

based on the user agent

Technically, this is against the rules of most engines, as it's cloaking.