Generally we will encounter a problem like ?PHPSESSID= would appear in the URLs while users are browsing, like http://example.com/node?PHPSESSID=7dd1d5d1471fa8be2fea8f163cce3257.
This string is a Session ID at the PHP level.
Having the PHPSESSID in the URL is not only ugly, but also a security risk. If you visit a page from a certain web site that has PHPSESSID turned on, a malicious admin on the site you are visiting can gain your privileges on that certain site.
For these two reason, you do not want the PHPSESSID in your URLs.
You need to put the following two lines in the .htaccess file, if your PHP as an Apache module:
php_value session.use_only_cookies 1
php_value session.use_trans_sid 0
Using a local php.ini
To make things more complicated, some hosts use PHP as a CGI executable. Many use this as an suExec environment, such as that from suphp.org.
For PHP as CGI, you need to make the changes in a file called php.ini that has a slightly different format. The above parameters would look like this:
session.use_only_cookies = 1
session.use_trans_sid = 0
At ehostpros.com web hosting the tech support can help you do just that. Just open a ticket and help is there is few min. eHostPros.com supports php web hosting using latest php versions on their servers.