Comment 10 for bug 316441

If you edit /etc/cron.d/php5 you will have something like this:

# /etc/cron.d/php5: crontab fragment for php5
# This purges session files older than X, where X is defined in seconds
# as the largest value of session.gc_maxlifetime from all your php.ini
# files, or 24 minutes if not defined. See /usr/lib/php5/maxlifetime

# Look for and purge old sessions every 30 minutes
09,39 * * * * root [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -n 200 -r -0 rm

Just comment the last line to disable the cron job.

Then in /etc/php5/apache2/php.ini search for the [Session] section and modify any of the following to your requirements:

session.save_handler = files

How php stores session data, leave this alone unless you want to change the save handler, e.g. to memcache

;session.save_path = /var/lib/php5

Change the location of where php saves session files. Either a local path for 'files' or a url in the form of "tcp://1.2.3.4:11211/" for memcache etc.

;session.gc_probability = 0
session.gc_divisor = 100

You will need to uncomment session.gc_probability and set it to 1 to enable the default garbage collection behaviour of PHP. This means that approx every 100 requests PHP will perform garbage collection, you could decrease session.gc_divisor or increase session.gc_probability to increase this but default should be fine.

session.gc_maxlifetime = 1440

This is how long sessions remain active, 1440 seconds is not long, only about 20 mins (24 to be exact) so it is often worth increasing this value, depending on your needs.

There are other variables in the [Session] section but you shouldn't need to change them.