Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › Data Bridge › SecurityAssist › Length of Session Time out

Length of Session Time out

Thread began 2/20/2019 8:38 pm by Lee Firth | Last modified 2/21/2019 6:30 pm by Ray Borduin | 524 views | 6 replies |

2/20/2019 8:38 pm | #1 Lee Firth

Length of Session Time out

How do you greatly increase the length of time before you have to log in again? My client logs in to his website, might go away for an hour or two and then comes back and has to log on again. Ideally I would like a 4 hour session time at least.

2/21/2019 7:54 am | #2 Ray BorduinWebAssist

It is not done on the page with php. You have to updated it in the php.ini file. session.gc_maxlifetime in php.ini is set to 24 minutes (1440 seconds) by default. You can set it to anything you want, but may need to talk to your hosting company to find out where and how they allow updates to php.ini.... it may not be possible on some shared hosting platforms.

Did this help? Tips are appreciated...

2/21/2019 1:50 pm | #3 Lee Firth

Thats the problem, this is shared hosting and I don't have access to the php.ini file, is there another way?

2/21/2019 1:55 pm | #4 Ray BorduinWebAssist

You can ask your hosting provider if they provide a way, but it can't be done from the php code directly. Sometimes they provide a way to update it from the .htaccess file or have a place in your hosting admin where it can be changed, but it may not be possible on shared hosting environments.

Did this help? Tips are appreciated...

2/21/2019 2:28 pm | #5 Lee Firth

I have changed this bu adding the following line to my htaccess file:
php_value session.gc_maxlifetime 18000
I can confirm that the new value is in effect by looking at phpinfo() but it still times out after a short period of time, is there something I am missing?

2/21/2019 2:40 pm | #6 Ray BorduinWebAssist

You may have to update the session.save_path value as well. Sessions are stored as files in a folder specified by that path. If another shared site on that server goes through and clears out sessions that are more than 24 minutes old, it may remove yours as well. A unique save_path could be the solution.

It's always best to use a session.save_path in the directory owned by your user outside of the webroot that has full read/write/execute permissions (777).

Finally, don't forget that you need to set the session.cookie_lifetime to be greater than, or at least equal to, your session.gc_maxlifetime directive.

Did this help? Tips are appreciated...

2/21/2019 2:44 pm | #7 Lee Firth

session.cookie_lifetime is set to 0 which I believe means there is no limit.

I'll try setting a different session.save_path value.

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.