Hi - is it possible to run MODx without it setting a PHPSESSID cookie when people visit the website front end?
I think - if you turn off the setting anonymous_sessions in System Settings, this will remove the session cookies for those not needing to be logged in.
Doesnt seem to change anything PHPSESSID still gets set with the anonymous_sessions set to NO
This should work.
Did you test it in a new private browser window or a different browser?
In a different browser yes - having cleared all cookies from the domain
I’ve just tested this on a 2.8.4-pl site and a 3.0.1-pl site and it seems to work as expected for me.
No PHPSESSID cookie is set on the client machine on either site when anonymous_sessions is set to No.
I’m afraid I’m not sure why that wouldn’t work for you.
I am running 2.8.3-pl would that be the issue?
Hmm … I don’t have a 2.8.3-pl site to test I’m afraid.
After a quick search - I don’t see any reference to this not working in earlier versions.
Can you check that the setting change saved ok? Apologies if you’ve done that already.
If there’s anything on the site that requires sessions (perhaps a form, wishlist, login) note that the session will still be automatically initialized.
As an aside if the reason you’re looking to do this is privacy/GDPR; these cookies fall under “functional” cookies and do not require specific user consent.
Thanks Mark - Client just keen to throw no cookies at all - am using formit yes