True but it isn't directly related to SID being injected into URL, but rather to the phpBB sessions design in common. That is, as far as bots don't store cookies (I think they don't?), every new unregistered bot's HTTP request generates new guest session. Getting rid of SIDs in URLs won't change this, the only way I can see (personally) to win this on phpBB level is assigning 1 session for all guests at all, which has 2 downsides (at least):
1) Guests won't be able to track unread forums/topics/posts status,
2) phpBB sessions system should be totally rebuilt / replaced with 3rd-party library.
1) Guests won't be able to track unread forums/topics/posts status,
2) phpBB sessions system should be totally rebuilt / replaced with 3rd-party library.
Statistics: Posted by rxu — Wed Mar 26, 2025 2:08 pm