Setting Session Timeout

Parameters

Three parameter in php.ini determines the effective session timeout, i.e. the timeout that the garbage collector deletes the session files: 

; Define the probability that the 'garbage collection' process is started
; on every session initialization.
; The probability is calculated by using gc_probability/gc_divisor,
; e.g. 1/100 means there is a 1% chance that the GC process starts
; on each request.

session.gc_probability = 1
session.gc_divisor     = 100

; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxlifetime = 28800

; NOTE: If you are using the subdirectory option for storing session files
;       (see session.save_path above), then garbage collection does *not*
;       happen automatically.  You will need to do your own garbage
;       collection through a shell script, cron entry, or some other method.
;       For example, the following script would is the equivalent of
;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
;          cd /path/to/sessions; find -cmin +24 | xargs rm

Suggested Settings

The garbage collector's run period determined by session.gc_probability/session.gc_divisor should be one dimension smaller as session.gc_maxlifetime. E.g. assumed, that the customer wants 8 hours session timeout and there are about 300 HTTP request per hour, use the following settings: 

session.gc_probability = 1
session.gc_divisor     = 100     ; garbage collector runs about in every 20 minutes (60 * 1 / 100 * 300)
session.gc_maxlifetime = 28800   ; 8 * 3600

SessionTimeout (last edited 2011-05-19 08:45:22 by 195)

Copyright 2008-2014, SoftXS GmbH, Switzerland