Is CI session management broken?
#1

(This post was last modified: 05-05-2024, 10:43 PM by AnjanaTelaney.)

I have encountered a similar issue with a site built on CI Bonfire, running CI 3.1.6. The site utilizes the filesystem for session management, but it seems that the garbage collection responsible for deleting old session files is not functioning properly. As a result, the session directory has accumulated a staggering amount of session files, exceeding 26 million and totaling 1.5GB in size.

To address this problem, a temporary solution has been implemented by creating a tmpfs mount point for the sessions. This approach aims to mitigate the potential harm caused by writing such a massive number of files with high frequency to a physical disk. Additionally, a shell script has been developed to delete session files older than 4 hours.

Although this workaround seems effective for now, it does feel like a makeshift solution considering that automatic session management should ideally be handled by CI itself.

The current session settings in the configuration file are as follows:


$config['sess_cookie_name'] = 'bf_session_';
$config['sess_expiration'] = 7200;
$config['sess_time_to_update'] = 300;
$config['sess_match_ip'] = false;
$config['sess_driver'] = 'files';
$config['sess_regenerate_destroy'] = true;
$config['sess_save_path'] = 'sessions';

If anyone has encountered a similar issue and found a solution, I would appreciate hearing about your experience. Is the session management in CI broken, or are there any recommended steps to address this problem more effectively?

edit: https://thecyphere.com/blog/koows/broken-authentication-session-management/
#2

You need to configure the garbage collector. It can be disabled. To do this, set the values in php.ini or set them in the file app/Common.php. And execute crontab with session_gc() every day/hour.
https://www.php.net/manual/en/session.co...robability


PHP Code:
// GC runs on roughly gc_probability / gc_divisor of session starts (here 1 in 1000)
ini_set('session.gc_probability', 1);
ini_set('session.gc_divisor', 1000);
Simple CI 4 project for beginners codeigniter-expenses
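
The cleanup job discussed in this thread (a script that removes session files older than 4 hours, run from cron), as an added example that is not code from either poster or from CodeIgniter. It assumes the files driver stores each session directly in the save path under a name that starts with the `sess_cookie_name` value; the function name and the `SESSION_DIR`, `SESSION_PREFIX` and `MAX_AGE_MINUTES` variables are made up for this example.

```shell
#!/bin/sh
# Added example: cron-driven cleanup for CodeIgniter 3 file sessions.
# Assumption: files are named <sess_cookie_name><session id>,
# e.g. bf_session_0a1b2c..., and sit directly in the save path.

# purge_stale_sessions DIR PREFIX MAX_AGE_MINUTES
# Deletes regular files in DIR whose name starts with PREFIX and whose
# mtime is older than MAX_AGE_MINUTES. Prints the number of files removed.
purge_stale_sessions() {
    dir=$1 prefix=$2 max_age=$3

    # Reject empty or non-numeric input so a malformed cron line cannot
    # widen what gets deleted.
    case $max_age in
        ''|*[!0-9]*) echo "bad max age: $max_age" >&2; return 2 ;;
    esac
    [ -n "$prefix" ] || { echo "empty prefix" >&2; return 2; }
    # The save path must be a real directory, not a symlink pointing elsewhere.
    if [ ! -d "$dir" ] || [ -L "$dir" ]; then
        echo "not a plain directory: $dir" >&2; return 2
    fi

    # -maxdepth 1 : never descend into subdirectories
    # -type f     : skip symlinks and directories
    # -name       : only session files, so index.html or .htaccess survive
    # -mmin +N    : last written more than N minutes ago
    # find streams the directory, so it copes with millions of entries
    # where "rm sessions/*" fails with "argument list too long".
    find "$dir" -maxdepth 1 -type f -name "${prefix}*" -mmin "+$max_age" \
        -print -delete | wc -l | tr -d ' '
}

# Cron entry point, e.g. hourly: SESSION_DIR=/path/to/sessions sh purge.sh
# The 240-minute default matches the 4-hour cutoff from the first post.
if [ -n "${SESSION_DIR:-}" ]; then
    purge_stale_sessions "$SESSION_DIR" "${SESSION_PREFIX:-bf_session_}" \
        "${MAX_AGE_MINUTES:-240}"
fi
```

Keep the cutoff at or above `sess_expiration` (7200 seconds in the posted config), otherwise sessions that are still valid get deleted.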