Declaring Session Max Life Time in htaccess

Question

I am wondering whether we can declare session.gc_maxlifetime setting in .htaccess for the one particular project instead of whole web server?

If so, how can we do that? Like the following code?

php_value session.gc_maxlifetime 2000

I've tried it and it didn't work and also I created a php.ini file in the same directory of my project and it didn't work either.

Thanks.

Answer 1

Yes, session.gc_maxlifetime is a PHP_INI_ALL setting so it can be overidden in .htaccess:

php_value session.gc_maxlifetime 2000

Also make sure that <Directory> entry in your Apache configuration supports override:

AllowOverride Options

It also may be possible that you misunderstood the purpose of this option. This option will not set the maximum life time of a session, it will set the amount of time after which the garbage collector will clean the session if it's not valid. This can be determined by a lot of factors, including access times, modification times, other INI options such as session.gc_probability and session.gc_divisor.

If you want to limit a session life time, use a proper mechanism for that, as described by @Gumbo in How do I expire a PHP session after 30 minutes.