Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

Page 1 of 2
Increase backend session timeout
 
internezzo ag
Jr. Member
 
Avatar
Total Posts:  17
Joined:  2008-05-19
Switzerland
 

Hi there

How can I increase the backend (admin panel) session timeout? It kicks me out after 15min (I guess) of inactivity which is really annoying…

Regards
Marcel

 
Magento Community Magento Community
Magento Community
Magento Community
 
Fontis
Sr. Member
 
Avatar
Total Posts:  99
Joined:  2007-08-31
Melbourne, Australia
 

It’s a setting in the admin panel.

System -> Configuration
General > Web ( http://yoursite/index.php/admin/system_config/edit/section/web/)

Open “Session Cookie management”

Adjust the value for “Cookie Lifetime”.

 
Magento Community Magento Community
Magento Community
Magento Community
 
internezzo ag
Jr. Member
 
Avatar
Total Posts:  17
Joined:  2008-05-19
Switzerland
 

Hi

Strange. I had a value of 3600. But the timeout was never a full hour. That’s why I never considered it to be this value.
I now doubled it. Will see…
Thanks!

Regards
Marcel

 
Magento Community Magento Community
Magento Community
Magento Community
 
Armen
Member
 
Total Posts:  46
Joined:  2008-05-06
Los Angeles
 

I’m having a similar issue as internezzo-ag. I have the session timeout value set to well over an hour and my backend sessions are timing out in around fifteen minutes.

Has anyone else experienced this issue? How did you resolve it?

I wonder if this has something to do with a php.ini setting somewhere?? I looked around and saw that recommendations for shared hosting of PHP apps say to not place sessions in a shared global folder such as /tmp since the server may clean those up regularly or other users may get access to your sessions. However, as far as I can tell Magento’s sessions are stored by default in <mageROOT>/var/session/ so this shouldn’t be an issue.

 
Magento Community Magento Community
Magento Community
Magento Community
 
doso
Jr. Member
 
Avatar
Total Posts:  6
Joined:  2008-11-05
 

same problem for me

 
Magento Community Magento Community
Magento Community
Magento Community
 
UnfinishedWebsite
Jr. Member
 
Total Posts:  5
Joined:  2009-02-12
 

I think there are a few ways to solve this problem.  The root of the problem is most likely the session.gc_maxlifetime setting in php.ini.  The default value (in my php.ini) is 1440, aka 24 minutes.  There are two solutions here.

1. Change the session.gc_maxlifetime setting to something longer.  This will be a global change and will affect both the admin section as well as the frontend.  It could potentially affect your other sites too if you host multiple sites on the same server.  For me, this solution was sufficient.
2. Another, more complicated solution would be to override the Core/Model/Session/Abstract/Varien.php class.  I have not looked into this solution, but I *think* it’s possible.

Magento is a phenomenal product, but I think they’ve done a bit of a poor job on the session implementation.  The fact that things rely on php.ini rather than Magento configurations is surprising.

 
Magento Community Magento Community
Magento Community
Magento Community
 
mctechie
Jr. Member
 
Total Posts:  4
Joined:  2009-03-23
 

Just thought I’d share this with you… I added the following line to the end of my .htaccess file in the root of the domain www folder.

php_value session.gc_maxlifetime 86400

Now I stay logged on in the admin backend for 24 hours!

--Martin C.

 
Magento Community Magento Community
Magento Community
Magento Community
 
Aussie_Leo
Jr. Member
 
Total Posts:  14
Joined:  2008-11-15
 
mctechie - 22 April 2009 07:17 PM

Just thought I’d share this with you… I added the following line to the end of my .htaccess file in the root of the domain www folder.

php_value session.gc_maxlifetime 86400

Now I stay logged on in the admin backend for 24 hours!

--Martin C.

Does this affect sessions on the frontend too? I would imagine it would.

 
Magento Community Magento Community
Magento Community
Magento Community
 
igloo-x
Jr. Member
 
Total Posts:  1
Joined:  2009-05-04
 

admin panel:
system -> advanced -> admin -> security
Enter value for: “Session Lifetime, Seconds”

I haven’t tested this yet,
but it should produce the desired results according to the following code in: app\code\core\Mage\Core\Model\Session\Abstract\Varien.php

if (Mage::app()->getStore()->isAdmin()) {
$adminSessionLifetime = (int)Mage::getStoreConfig(’admin/security/session_cookie_lifetime’);
if ($adminSessionLifetime > 60) {
Mage::getSingleton(’core/cookie’)->setLifetime($adminSessionLifetime);
}
}

 
Magento Community Magento Community
Magento Community
Magento Community
 
itchytrig
Sr. Member
 
Avatar
Total Posts:  162
Joined:  2008-10-03
UK
 

McTechie,

Since changing the .htaccess file to include:

php_value session.gc_maxlifetime 86400

We appear to be getting more site stalls than normal! Is this extra timeout causing a build up our site cannot handle!? We are running 3 Mag stores on 1 dedicated server too.??

Really could do with a simple fix for admin timeouts… Varien? Anyone??

 
Magento Community Magento Community
Magento Community
Magento Community
 
codeninja
Jr. Member
 
Total Posts:  2
Joined:  2009-08-19
 
itchytrig - 25 August 2009 02:17 AM

McTechie,

Since changing the .htaccess file to include:

php_value session.gc_maxlifetime 86400

We appear to be getting more site stalls than normal! Is this extra timeout causing a build up our site cannot handle!? We are running 3 Mag stores on 1 dedicated server too.??

Really could do with a simple fix for admin timeouts… Varien? Anyone??

I’m getting the same problems. Site is stalling all the time! Anyone have any suggestions?

 
Magento Community Magento Community
Magento Community
Magento Community
 
IngGross_de
Sr. Member
 
Avatar
Total Posts:  93
Joined:  2009-03-18
Switzerland
 

I have found a solution for me after a long search and a lot of try and errors.

There are a lot of similar reports in the forum, but usually no working solution:
http://www.google.com/search?hl=de&q;=timeout+login+admin+site&#x3A;magentocommerce.com&btnG;=Suche&lr;=

Finally I found this and tried it: http://www.magentocommerce.com/boards/viewthread/8788/P15/

Crucial - 30 July 2008 08:14 PM

How is Magento setup to handle sessions, via filesystem or database?

We just had a client run into the same issue, and Magento was setup to let the database handle sessions (default is the filesystem). I was unable to login. It would just keep sending me to the login page, but I could see the URL was trying to parse at least. Occassionaly I would get in to the backend after trying to login 2-3 times in a row, but would still get “logged out” of the system.

To see what you have, or to change it, open up the following:

app/etc/local.xml

Look for this:

<session_save><![CDATA[db]]></session_save>

And change it to this:

<session_save><![CDATA[files]]></session_save>

If it’s already set to files, then there’s possibly another bug. After you’ve done this, make sure you delete the following directories:

var/session
var/cache

And also delete all of the items in the core_session table.

You should be able to login and stay logged in now.

This I have done and it worked. I even left open the admin backend over night and could continue this morning! Usually I was thrown out within 20 minutes.

Hope this also helps others.

Res

 
Magento Community Magento Community
Magento Community
Magento Community
 
itchytrig
Sr. Member
 
Avatar
Total Posts:  162
Joined:  2008-10-03
UK
 

Res,

Thanks for the post, anyone else tried this at all? Did it work for them…

I only have 2 live stores at present, and do not have a dev site to test this on thats all… though will be setting one up soon!

thanks!

 
Magento Community Magento Community
Magento Community
Magento Community
 
Carlos Teixeira
Sr. Member
 
Total Posts:  95
Joined:  2009-01-26
Brasil
 

Hi,

Increase the value of session.gc_maxlifetime is the best solution for this, increase the value of the lifetime of the cookie in the backend does not affect the management of session.

The session is always destroyed based on the value of the variable session.gc_maxlifetime.

Mage/Core/Model/Mysql4/Session.php

Line 77 ...

public function getLifeTime()
    
{
        
        
if (is_null($this->_lifeTime)) {
            $this
->_lifeTime ini_get('session.gc_maxlifetime');
            if (!
$this->_lifeTime{
                $this
->_lifeTime 3600;
            
}
        }       
        
return $this->_lifeTime;
    
}

Line 174 ..

$bind = array(
            
'session_expires'=>time() + $this->getLifeTime(),
            
'session_data'=>$sessData
        
);
....
Line 213 ...
public function gc($sessMaxLifeTime)
    
{
        $this
->_write->query("DELETE FROM `{$this->_sessionTable}` WHERE `session_expires` < ?", array(time()));
        return 
true;
    
}

I tested this solution only for the session handle “db”, but think it should be the same for others.

The magento team should find a better solution for this. :(

 
Magento Community Magento Community
Magento Community
Magento Community
 
klausherzberg
Member
 
Total Posts:  70
Joined:  2008-10-20
 
internezzo ag - 03 October 2008 12:33 AM

Hi there

How can I increase the backend (admin panel) session timeout? It kicks me out after 15min (I guess) of inactivity which is really annoying…

Regards
Marcel

If you are using database based session handling:

SELECT *
FROM `core_config_data`
WHERE `path` LIKE ‘admin/security/session_cookie_lifetime’

857 default 0 admin/security/session_cookie_lifetime 500

500 is the default value

Change it to whatever you want.

klaus.

 
Magento Community Magento Community
Magento Community
Magento Community
 
mystix
Jr. Member
 
Total Posts:  4
Joined:  2009-10-19
 
klausherzberg - 18 December 2009 01:08 AM

If you are using database based session handling:

SELECT *
FROM `core_config_data`
WHERE `path` LIKE ‘admin/security/session_cookie_lifetime’

857 default 0 admin/security/session_cookie_lifetime 500

500 is the default value

Change it to whatever you want.

klaus.

that’s exactly what post #9 does, except it’s done through the Admin panel instead of mucking directly with the database.

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top
Page 1 of 2