Software developer can disable session state management using option “Off”. This can provide a slight performance improvement for websites that are not using session state:

C# 8.0 and .NET Core 3.0 – Modern Cross-Platform Development: Build applications with C#, .NET Core, Entity Framework Core, ASP.NET Core, and ML.NET using Visual Studio Code, 4th Edition
ASP.NET Core 3 and Angular 9: Full stack web development with .NET Core 3.1 and Angular 9, 3rd Edition
C# in Depth, 4th Edition

 

<?xml version=”1.0” encoding=”utf-8” ?>
<configuration>
     <system.web>
     <!— other settings are omitted. —>
     <sessionState
        cookieless=”AutoDetect” cookieName=”ASP.NET_SessionID”
        regenerateExpiredSessionID=”false”
        timeout=”20”
        mode=”Off”
        stateConnectionString=”tcpip=127.0.0.1:42424”
        stateNetworkTimeout=”10”
        sqlConnectionString=”data source=127.0.0.1;Integrated Security=SSPI”
        sqlCommandTimeout=”30” allowCustomSqlDatabase=”false”
        customProvider=””
     />
     </system.web>
</configuration>