Apache/PHP Lost sessions and WHM problems

Current configuration of System:

WHM 11.19.0 cPanel 11.19.0-E20931
REDHAT Enterprise 3 i686 on standard - WHM X v3.1.0

Problem:

Apache and PHP are not resuming sessions but creating new ones on every reload of the page or when browsing through the clients site. this happened after upgrade from 1.3.37/php5/4 as modules to Apache2.2.8 suphp 5/4 .

After this any rebuild and any combination between cpanelbuild(Cur,Rel,Edge,Stab), apache and php versions and ways of running (mod_, cgi, suphp) didn't solve the problem.

This brakes all sites as session variables are lost from the array on reload or just browsing or if there is a redirect or a self POST.

Partial workaround was to compile Apache 1.3.X with php4 as DSO .. and selecting in php.ini session.use_trans_sid=1 which added the SESSID to the URL and even the sometimes the server created new session though in /tmp (the session save path, 1777 writable readable secured) there was one .Ant this worked partially in IExplore and FFox , Konqueror ... and so on.

I have noticed that my phpinfo() showed something very strange:

Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_httponly Off Off
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file /dev/urandom /dev/urandom
session.entropy_length 0 0
session.gc_divisor 100 100
session.gc_maxlifetime 24 1440
session.gc_probability 5 1
session.hash_bits_per_character 4 4
session.hash_function 0 0
session.name PHPSESSID PHPSESSID
session.referer_check 0 0
session.save_handler files files
session.save_path /tmp /tmp
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies On Off
session.use_trans_sid no value 0


Notice the session.use_only_cookies and the session.gc_probability and session.gc_maxlifetime local values ... there is no local php.ini file or .htaccess files that could set these in this users account and I cannot find a way to reset his values.

In spite of this I think the problem is somewhere in the mod rewrite rules but even without mod rerwrite the problem with the sessions get lost stays.

I have been fighting with this session issue for 5 day and no solution still. Did everything U can Imagine - upcp , fixevery... and so on... almost everything in /scripts .... Nothing helps !

Please iif anyone can give mi a hint where to look for the problem.

Also the HTTP Respone Headers ain phpinfo say:

Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0

if this has something to do with the issue.


Another Problem:

Main >> Addon Script Manager
Addon Script Manager
[a fatal error or timeout occurred while processing this directive]


More Info: In Webmail(HORDE) sessions are OK but of course that's a different PHP and web server.

No firewall blocks cookies to be set and send correctly to clients! It seems apache ignores the cookies sent by clients and that's why recreates sesssions and not resuming them on session_start().

Thanks in advance,
Stefan

 

Partialy fixed

apache sessions fixed! the problem lines appeared to be:

session.save_path = "/var/tmp"

and

session.entropy_length = 0

when I changed it to :

session.save_path="/var/tmp"
(removed the blank spaces)

and

;session.entropy_length = 0
(commented it out)

Everything works perfectly after small modifications to accounts folders permitions and ownerships and local php.ini-s for accounts that needed such, though the phpini shows wrong local values .

The problem with cpanel's addon manager still exists no matter if we up/downgradeto sany release/stable/edge/current version .

Anyone experienced this ?