SOLVED php session timeout since 64.0 update

ladydi711

Well-Known Member
Sep 4, 2001
140
6
318
I have a customer's web site that's application seems to be timing out their session after about 15-20 minutes of inactivity. This began after the 64.0 update.

The site has an .htaccess file with
php_value session.gc_maxlifetime 36000

The server itself is set to 28800.

phpinfo() reports for the local and master values:
session.gc_maxlifetime 36000 28800

Any thoughts on why this may be happening or how I can resolve for them?

Thanks in Advance,
Diane
 

Mark Shaw

Member
Apr 13, 2017
10
1
3
PEI Canada
cPanel Access Level
DataCenter Provider
Hello,

This is an issue that I have verified on many of my servers. Like TH-Guy said it's simply a matter of rebuilding apache, this allows all of the configuration files to be recreated that weren't properly converted during the upgrade. Please advise if you need help with it.

Regards,

Mark S.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,216
463
Hello,

Internal case CPANEL-12629 is open to address an issue with /scripts/clean_user_php_sessions where sessions older than 24 minutes are always deleted on systems running EasyApache 3 (despite configuring custom session.gc_maxlifetime values). I'll update this thread with more information on the status of this case as it becomes available. In the meantime, the temporary workaround is to edit the following file:

Code:
/usr/local/cpanel/scripts/clean_user_php_sessions
Within the file, change this entry:

Code:
    else {
        my $dirs = Cpanel::PHPINI::get_directives( [ 'session.save_path', 'session.max_lifetime' ], 1, '/usr/local/lib' );
        clean_sessions( $dirs->{'session.save_path'}{'value'}, $dirs->{'sessions.max_lifetime'}{'value'} );
    }

    return 1;
To:

Code:
    else {
        my $dirs = Cpanel::PHPINI::get_directives( [ 'session.save_path', 'session.gc_maxlifetime' ], 1, '/usr/local/lib' );
        clean_sessions( $dirs->{'session.save_path'}{'value'}, $dirs->{'session.gc_maxlifetime'}{'value'} );
    }

    return 1;
Then, exclude this file from cPanel updates with the following command:

Code:
echo '/usr/local/cpanel/scripts/clean_user_php_sessions' >> /etc/cpanelsync.exclude
Remember to edit "/etc/cpanelsync.exclude" to remove this line once we've pushed out an update to address the issue.

Thank you.
 

ladydi711

Well-Known Member
Sep 4, 2001
140
6
318
Thanks cPanelMichael, that looks to have worked!

I'll be looking forward to your update. THANKS!
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,216
463
Hello,

To update, this is fixed as of cPanel version 64.0.17:

Fixed case CPANEL-12629: Ensure clean_user_php_sessions calls the proper EA3 directive.

Thank you.
 
  • Like
Reactions: ladydi711