Cookie and session management is an important aspect of any ecommerce store. Everything from a customer’s cart, checkout process and recently viewed products is made possible by knowing who is using the website. This is where cookies come into play.

The Session Cookie Management options specify how and where cookies are set and used in your Magento store.

The Session Validation Settings ensure the safety of the information stored in sessions by checking known information gathered from previous visits by a customer matches the current information.

  • Cookie Lifetime is the time a cookie will remain ‘alive’ if the customer returns to the website within this timescale (in seconds) their cart/checkout/details will have been stored. If the cookie expires that information is no longer available to the customer
  • Cookie Path will usually just need a forward slash “/”, that means the cookie will be available across the domain and nto be limited to a specific directory.
  • The Cookie Domain will usually be your domain name preceded by a dot, and excluding the “www”. This means the cookie will be available on all sub domains
  • Use HTTP Only should usually be set to ‘yes’, this means that the cookie will remain active as the user switches between http:// and https://. If this is set to ‘no’ you will experience the customer’s cart emptying as they switch between non-SSL and SSL versions of the site, which is usually when clicking through through to the checkout.
  • Cookie Restriction Mode will notify your visitors that cookies are required for full-featured operations. It relates specifically to EU cookie directive.

Session Validation Settings

  • Validate REMOTE_ADDR checks that the customer’s public IP address is the same
  • Validate HTTP_VIA verifies that the proxy address of an incoming request matches what is stored
  • Validate HTTP_X_FORWARDED_FOR checks that the forwarded-for address of a request matches what was stored previously.
  • Validate HTTP_USER_AGENT checks that the browser/device matches previous visits.
  • Use SID on Frontend adds a ID to the end of URLs that allows Magento to recognise visitors as they pass between domains set-up on the one Magento install.


Magento is a feature-rich ecommerce platform built on open-source technology that provides online merchants with unprecedented flexibility and control over the look, content and functionality of their ecommerce store.

About Magento Ecommerce · Magento Posts

Related Magento Posts

Getting Started with Magento Open Source

Magento Northern Ireland Open Source allows you to build a unique online store from the ground up. ## Standard Features Magento Open Source includes everything... November 2022 · Magento

Magento - WebP Image Format Conversion

An introduction to image optimisation in Magento Northern Ireland **[Image Optimisation](/web-image-formats)** is an increasingly important step improve page speed and search engine performance of your... September 2022 · Magento

Aheadworks switch to subscription model

Aheadworks will be removing Composer keys and download access for existing customers and switching entirely to a subscription model. From February 2022 Aheadworks announced it... March 2022 · Magento

More Magento Posts...