Remove SID query from Magento URLs

Featured Image

Many people wonder why sometimes the SID part appears in their Magento URLs. This is when your URL has additional SID query usually at the end. Take a look at the image. The curiosity is that it does not appear always. What is the most common scenario it happens? You didn’t access the site with the same domain variant you entered as your “Base URL” in your System> Configuration> Web interface.

When you decide to launch the site, you have to decide whether you will market URL or This is an important decision and you shouldn’t change your mind quite often. Search engines usually treat those two URLs as a different sites and therefore the Page Rank potential can be split between those two URLs. So, think about whether you will use www or not and stick by this decision.

Once you decided, go to your System> Configuration> Web interface and enter the desired form to “Base URL” field. When you access the site you will notice that there are no “SID”s when the URL matches the value from “Base URL” field and they appear when it does not.

Now, we want the ability that the site redirects to proper URL once accessed. Someone can place a wrong link to some forum or blog. We don’t want those links to lead to improper URL and we don’t want SIDs to appear to those visitors. Most important: We don’t want that search engines index the URLs with SIDs.

The solution is simple. Go to your .htaccess fine and find the line that says

RewriteEngine on

If you want to have www part:

RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.yourdomain\.com$ [NC]
RewriteRule ^(.*)$$1 [R=301,L]

If you don’t want to have www part:

RewriteEngine on
RewriteCond %{HTTP_HOST} !^yourdomain\.com$ [NC]
RewriteRule ^(.*)$$1 [R=301,L]

Btw. This is applicable and good to be set to every site, not just Magento ones. :)


Care to rate this post?


Tomislav Bilic

Founder and CEO

Tomislav is a founder and CEO at Inchoo. Enjoys traveling - especially quick getaways, traditional cuisine (from most cultures), good wine and strong rakija.

Other posts from this author

Discussion 42 Comments

Add Comment
  1. Thanks for this but I can’t get it to work. Obviously you replace ‘yourdomain’ with your actual domain url. Does anything else need setting e.g. {HTTP_HOST}?

  2. HM, no… That should be it. Can you tell me what site do you have?

  3. I spoke too soon! You are a star!!
    I knew already that this was best practice and actually spent a couple of hours the other day trying to achieve this redirect with code from Yoast’s site, but failed to get it to work.
    I could not at first see the difference between his and your recommended redirect code, so asked my first question as an instant response to your new post.
    As soon as I pasted your code it worked straight away!

    Any chance you could recommend code to redirect index.php?
    Our Magento website is
    Many Thanks.

  4. Hey Phil. Good site you have. Yeah, you are right. The dots (.) should be escaped with \. That’s what’s mission on Yoast side.

  5. While your at it you can really help your visitors out from making the silly mistake of missing of a “w”, or double tapping a “w”.
    i.e. /

    Really easy, make the ww. and wwww. subdomain point to the same location as the main domain on the server and simply…

    RewriteCond %{HTTP_HOST} ^yourdomain\.co\.uk$ [NC,OR]
    RewriteCond %{HTTP_HOST} ^ww\.yourdomain\.co\.uk$ [NC,OR]
    RewriteCond %{HTTP_HOST} ^wwww\.yourdomain\.co\.uk$ [NC]
    RewriteRule ^(.*)$1 [L,R=301]

    Then when anyone accidently types, they get sent to the correct URL insted of “Page cannot be displayed”

    Hope it helps!

  6. Toni Anicic

    Lord Robert, you’re right, that is a common mistake people tend to make. Thank you for your contribution.

  7. Or:

    # ensures all links www, localhost etc.
    RewriteCond %{HTTP_HOST} !^(www\.|mail\.|shell\.|localhost|127\.0\.0\.1) [NC]
    RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

    Like that when anyone types anything that isn’t in the list, they get redirected.
    And, this doesn’t need you to remember to re-code the website name when you copy the htaccess to a new website :)

  8. Actually my last post doesn’t correctly redirect ww. and www. but does redirect non-www to www. Maybe someone can adapt it…

  9. Ahamed sha

    it helped me. Thank You

  10. Dilby

    Thanks for the great info. However, do you know what the code would be with a domain and the subdirectory of /store?

    (ie: directed to

  11. Vicky

    I just did this to my .htaccess file on my magento site, and now I can’t access the admin area. I get a 404 error! Help!

  12. Can anyone tell me how to change the permission to .htaccess file on server? I cannot modify it since it has 644 permission on that

    my store is


  13. anders Nielsen

    It’s not working when using IDN domains ( parked ) I use more than 4 domains, they all create SID, because you have to use the punycode url in the index.php, and in the backend you use “the good looking url” for seo and more nice link structure…

    Then SID=45454 are created… But the rewrites are not working in this scenario…

    Would love to get i work…

  14. anders Nielsen

    Anyone knows how to remove SID’s when using my scenario???

    I only have one httacces file to do rewrites in… any solutions for this??

  15. Hello! I dont have sucess on that.
    my base domain is
    my secure domain is
    so i tried to add these lines to my .htaccess
    RewriteCond %{HTTP_HOST} !^www\.suricate\.com\.br$ [NC]
    RewriteRule ^(.*)$$1 [R=301,L]

    but have an error when switch from base to secure domain:
    Incorrect Redirect

    What can i do?

  16. Michael

    Thank you for this. The SID issue was perplexing and driving me crazy. Compounding the problem was that not only was the long SID present, but at the very end it also included the SEO friendly URL text for the page.

  17. @Suricate- Your issue must redirect based on the SSL flag.
    # Prepend WWW if SSL off
    RewriteCond %{HTTPS} !=on
    RewriteCond %{HTTP_HOST} !^www\.suricate\.com\.br$ [NC]
    RewriteRule ^(.*)$$1 [R=301,L]

    #Prepend WWW if SSL on
    RewriteCond %{HTTPS} =on
    RewriteCond %{HTTP_HOST} !^www\.suricate1\.sslblindado\.com\.br$ [NC]
    RewriteRule ^(.*)$$1 [R=301,L]


  18. Amazing, it saved me lot of time…
    Thanks for your hard work.

  19. Hi Thanks for you Help.

    But whats the best config for a magento Multistore?

    Are the same

  20. Tom


    Can someone help me (novice) out here, I’m trying to set this up for a site but having no luck… I presumed below is correct?

    RewriteEngine on
    RewriteCond %{HTTP_HOST} !^www\.example\$ [NC]
    RewriteRule ^(.*)$$1 [R=301,L]

  21. Toni Anicic

    Tom, if you wanna keep the www part you’ll need this:

    RewriteEngine on
    RewriteCond %{HTTP_HOST} !^www\.yourdomain\$ [NC]
    RewriteRule ^(.*)$$1 [R=301,L]

    So yea, what you wrote is correct as far as I can see.

  22. Tom

    Thanks for your quick response Toni.

    I have tried your suggestion but it doesn’t seem to be having any effect… I had to make the htaccess.txt file and I put it in my public_html.

  23. Toni Anicic


    Did you rename the “htaccess.txt” into “.htaccess”?

    Between, you should already have a .htaccess file on your Magento installation by default, you just need to edit that one.

    It might be invisible to you depending on which FTP client are you using and it’s settings.

  24. to remove the indexed SIDs put in htaccess:
    #kill those indexed SIDs
    RewriteCond %{THE_REQUEST} \?(.*)SID(.*)\ HTTP/ [NC]
    RewriteRule (.*) /$1? [R=301,L]

    to make domains working with non-www to www rewrtie you have to escape the second dot, in \.co\.uk instead of just \

    #non-www to www.
    RewriteCond %{HTTP_HOST} .
    RewriteCond %{HTTP_HOST} !^www\.sitename\.co\.uk
    RewriteRule (.*)$1 [R=301,L]

  25. Toni Anicic


    Nice, thanks for contributing.

  26. clockman

    i have the following in the .htaccess but is not redirecting… do i missed anything?

    RewriteEngine on
    RewriteCond %{HTTP_HOST} ^domain\.com\.cy$ [NC,OR]
    RewriteCond %{HTTP_HOST} ^ww\.domain\.com\.cy$ [NC,OR]
    RewriteCond %{HTTP_HOST} ^wwww\.domain\.com\.cy$ [NC]
    RewriteRule ^(.*)$1 [L,R=301]

  27. clockman

    Still waiting. no reply :/
    anyone know to help me?

  28. Saurabh


    I am facing same problem, and was not able to resolve it using this post.

    I checked base url and url in browser they are same.

    I get this error when i redirect to payment gateway and my caching is on.

    I will be grateful if you can provide me any help on this.

    Thanks & Regards,

  29. Nick Taylor

    Very useful thread, but I need a solution for a multi-store setup and can’t figure out how to do it.

    Applying the single site version multiple times doesn’t work and doing nothing currently means that non-www version of all except one of the sites redirects to the first site created on Magento.

    Any ideas anyone?

    Thanks in advance

  30. An alternative method to modifying the htaccess file is to change the “feature” directly in the Magento backend.

    In CE v1.4.2.0 (and perhaps earlier versions) you can turn this feature off here:

    System > Configuration > Web > Session Validation Settings > Use SID on Frontend (No)

    Hope that helps!

  31. Jan

    We run several stores do i need to make these changes

    RewriteEngine on
    RewriteCond %{HTTP_HOST} !^www\.yourdomain\.com$ [NC]
    RewriteRule ^(.*)$$1 [R=301,L]

    for every store or just the main magento installation ?

  32. Jade

    A solution for those who want to keep all their variables but want to remove only the SID (The first variable should be the SID)

    RewriteCond %{QUERY_STRING} SID=([^&]*)&(.*)
    RewriteRule (.*) /$1?%2 [R=301,L]

  33. Adam Smith (e-nition)

    I have been having a complete nightmare with this exact same thing. You’ll want to throw in both fixes…If you enter your store without the URL matching the set base url then magento will override adding the SID – in my case adding ?frontent=! So bring this into the htaccess – before the request gets to magento, and if google has already indexed some of these urls do a bit of rewriting to let google and others know to update and at the same time keep any other params in the get request and also accounting for SSL!

    :: Put in the top of your .htaccess (swap out frontend for SID if thats what you getting issues with ::

    # Do redirecting to www. here, if its done by magento it will add ?SID/?frontend=

    RewriteEngine on

    # Handle non ssl
    RewriteCond %{HTTPS} !=on
    RewriteCond %{HTTP_HOST} !^www\.mydomain\.co\.uk$ [NC]
    RewriteRule ^(.*)$$1 [R=301,L]

    # Handle ssl
    RewriteCond %{HTTPS} =on
    RewriteCond %{HTTP_HOST} !^www\.mydomain\.co\.uk$ [NC]
    RewriteRule ^(.*)$$1 [R=301,L]

    # Remove the query part if it comes through from existing link and has other params
    RewriteCond %{QUERY_STRING} ^frontend=([^&]*)&(.*)$
    RewriteRule (.*) /$1?%2 [R=301,L]

    # Remore the qurey part fully if its just the sid present
    RewriteCond %{QUERY_STRING} ^frontend=([^&])
    RewriteRule (.*) /$1? [R=301,L]

    Hope this helps :)

  34. Andrew

    awesome stuff – worked straight away for me. thanks!

  35. g

    is there a purpose to insert ?sid in the url when tracking for counts

  36. Thanks ! Worked great on our website!

  37. Yan

    I am wondering how I would rewrite rule to remove sid and always force www when using mutlistore setup.

  38. I have a Magento GO e-store – small one ;-)
    With the i get 811 hit. But I have 26 real url in my store. (yes it is small)

    I can see a lot of SID on all the extra url’s.

    Do some one know, how to change that in a GO e-shore. I don’t know if I can access the code and I am new in the “game”. But all this extra SID url is killing my e-shop in google ;-(

  39. Thanks for this, still relevant today!

  40. I had a weird problem with the SID on frontend option today. I have an store with this option enabled, and when access a product page it was causing an inifinite loop. I noticed that this just happend when Block page caching was enabled.
    I also noticed that when accessing the product.html address, magento adds the ___SID=U on the looping url.

    I solved the problem by disabling the SID on frontend option.

  41. SSL URL Chekout steps are not working with SSL URL .Please help me

  42. Thanks .. It works for me..

Add Your Comment

Please wrap all source codes with [code][/code] tags.