diff --git a/README.md b/README.md
index 635d4a6..4126807 100644
--- a/README.md
+++ b/README.md
@@ -64,6 +64,7 @@ the code.
 - `QAFOO_PROFILER_SAMPLERATE` controls the sample rate how often the profiler should sample full XHProf traces.
 - `QAFOO_PROFILER_ENABLE_LAYERS` controls if XHProf should sample wall times of layers (DB, I/O, ...) in every request.
 - `QAFOO_PROFILER_ENABLE_ARGUMENTS` controls if argument summaries of important functions such as DB, HTTP and filesystem calls should be traced.
+- `QAFOO_PROFILER_DISABLE_SESSIONS` controls if explicit developer sessions are allowed.
 
 For example you can configure this in your PHP FPM Pool configuration:
 
@@ -71,6 +72,7 @@ For example you can configure this in your PHP FPM Pool configuration:
     env[QAFOO_PROFILER_SAMPLERATE] = 10
     env[QAFOO_PROFILER_ENABLE_LAYERS] = 1
     env[QAFOO_PROFILER_ENABLE_ARGUMENTS] = 1
+    env[QAFOO_PROFILER_DISABLE_SESSIONS] = 0
 
 ### Framework Detection
 
diff --git a/src/main/QafooLabs/Profiler.php b/src/main/QafooLabs/Profiler.php
index 2d908cd..f5b1a45 100644
--- a/src/main/QafooLabs/Profiler.php
+++ b/src/main/QafooLabs/Profiler.php
@@ -271,12 +271,21 @@ private static function decideProfiling($treshold)
         }
 
         $vars = array();
-        if (isset($_COOKIE['QAFOO_PROFILER_SESSION']) && is_string($_COOKIE['QAFOO_PROFILER_SESSION'])) {
+
+        if (isset($_SERVER['HTTP_X_QAFOO_PROFILER']) && is_string($_SERVER['HTTP_X_QAFOO_PROFILER'])) {
+            parse_str($_SERVER['HTTP_X_QAFOO_PROFILER'], $vars);
+        } else if (isset($_SERVER['QAFOO_PROFILER_SESSION']) && is_string($_SERVER['QAFOO_PROFILER_SESSION'])) {
+            parse_str($_SERVER['QAFOO_PROFILER_SESSION'], $vars);
+        } else if (isset($_COOKIE['QAFOO_PROFILER_SESSION']) && is_string($_COOKIE['QAFOO_PROFILER_SESSION'])) {
             parse_str($_COOKIE['QAFOO_PROFILER_SESSION'], $vars);
         } else if (isset($_GET['_qprofiler']) && is_array($_GET['_qprofiler'])) {
             $vars = $_GET['_qprofiler'];
         }
 
+        if (isset($_SERVER['QAFOO_PROFILER_DISABLE_SESSIONS']) && $_SERVER['QAFOO_PROFILER_DISABLE_SESSIONS']) {
+            $vars = array();
+        }
+
         if (isset($vars['hash'], $vars['time'], $vars['user'], $vars['method'])) {
             $message = 'method=' . $vars['method'] . '&time=' . $vars['time'] . '&user=' . $vars['user'];