I would suggest logging the ip, session id (serverside), along side the hashed version, and check those as well, when checking the cookie.

Both of these can be snooped, but at least you can detect when someone is trying to circumvent your security, by spoofing the cookie.

It might be even if you are changing the cookie hash 'often'.