Share via

Disable Session State (IIS 7)

  • Article

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista

By default, Internet Information Services (IIS) enables session state for Active Server Pages (ASP). With session state enabled, a Web server creates a Session object, or unique session ID, and assigns it to a user when he or she first requests a Web page from an ASP application. The Web server then uses that session ID to keep track of information about the user until the session expires or is abandoned by the ASP script.

Sessions can consume valuable resources on a Web server. You can improve performance and scalability of your ASP application by disabling session state. When you disable session state, ASP does not track users, and does not allow an ASP script to store information in the Session object or to use the Session_OnStart or Session_OnEnd events for more than one request or event.

Prerequisites

For information about the levels at which you can perform this procedure, and the modules, handlers, and permissions that are required to perform this procedure, see Session State Feature Requirements (IIS 7).

Exceptions to feature requirements

  • None

To disable session state

You can perform this procedure by using the user interface (UI), by running Appcmd.exe commands in a command-line window, by editing configuration files directly, or by writing WMI scripts.

User Interface

To Use the UI

  1. Open IIS Manager and navigate to the level you want to manage. For information about opening IIS Manager, see Open IIS Manager (IIS 7). For information about navigating to locations in the UI, see Navigation in IIS Manager (IIS 7).

  2. In Features View, double-click ASP.

  3. On the ASP page, under Services, expand Session Properties.

  4. Select False from the Enable Session State drop-down list.

  5. In the Actions pane, click Apply.

Command-line

To disable session state persistence for an ASP application, use the following syntax:

appcmd set config /section:asp /allowSessionState: False

The variable allowSessionState: False disables session state persistence. The default value is True.

For more information about Appcmd.exe, see Appcmd.exe (IIS 7).

Configuration

The procedure in this topic affects the following configuration elements:

  • <sessionState>

  • <sessionPageState>

For more information about IIS 7 configuration, see IIS 7.0: IIS Settings Schema on MSDN.

WMI

Use the following WMI classes, methods, or properties to perform this procedure:

  • SessionStateSection.Mode property "Off" flag

For more information about WMI and IIS, see Windows Management Instrumentation (WMI) in IIS 7. For more information about the classes, methods, or properties associated with this procedure, see the IIS WMI Provider Reference on the MSDN site.

See Also

Concepts

Configuring Session State in IIS 7