Server-wide gzip is good, in fact it's brilliant. Output buffering
is needed otherwise you get a _headers already sent_ error.
The internet should've come with gzip built in ...it's that good.
php_value session.use_only_cookies 1
php_value session.use_trans_sid 0
Some browsers and just about all search engines' bots have
cookies turned off which leads to ?PHPSESSID stuff getting
appended to your site's URLs. This looks bad in the listings
and an almighty pain to get the search engines to drop.
Use the stuff in .htaccess for a per iBay site and in a
httpd PHP fragment for all iBays - as per usual.
My notes also say...
The session.use_only_cookies stuff specifies whether the
module will only use cookies to store the session id on the
client side. Defaults to 0 (disabled, for backward compatibility).
Enabling this setting prevents attacks involved passing the
session ids in URLs. This setting was added in PHP 4.3.0.
http://www.php.net/manual/en/ref.session.phpSee also...
http://www.ragepank.com/articles/26/disable-phpsessid/