A few people have looked at ways to keep their CodeIgniter mysql sessions table clean on their apps, and the biggest culprit for ballooning session tables is due to the fact that your site gets indexed or scanned by web crawlers and various bots.

Typically with CodeIgniter sessions, you would store them in a `ci_session` table  reference in your database, so every time a bot visits your site, a new entry gets created and sits until it is cleared (which sometimes seems like never, and in many cases it is never).  You could try several approaches to combat this session spam, but I will cover the application side approach.

Use this CodeIgniter Clean Sessions (simple drop-in/plugin that I made).

ci-clean-sessions-github

Just drop in `MY_Session.php` into your `/application/library` and it will get to work blocking those pesky visitor bots. This drop-in uses the `user_agent` library to first check if that visitor is a bot and then does a simple check wether to start a session or not. All known bots (in your user_agent.php config) will be blocked from starting a session. Just make sure that your site code does not depend on a session being started, otherwise you might get some errors.

You will have to update your `config/user_agent.php` file to keep updated with any bots that come your way.  There are many lists online that people update, or you could just search through your ci_sessions and find bot user agents and insert those into the file.



One Comment to “Codeigniter keeping bots out of your sessions table or how I cleaned up my sessions”

  1. Anatoliy | September 20th, 2014 at 8:05 AM

    This is what we need – an insight to make evrnoyee think

Leave a Comment