On my website I use PHP sessions. Session information is stored in files in my ./session path. After a few months I discovered that these session files are never deleted, by now there are 145.000 of them in this directory.
How should these be cleaned up? Do I have to do it programmatically, or is ther a setting I can use somewhere that would have this cleanup happen automatically?
EDIT forgot to mention: This site runs at a provider, so I don't have access to a command line. I do have ftp-access, but the session files belong to another user (the one the webserver proces runs I guess) From the first answers I got I think it's not just a setting on the server or PHP, so I guess I'll have to implement something for it in PHP, and call that periodically from a browser (maybe from a cron job running on my own machine at home)
You can create script /etc/cron.hourly/php and put there:
#!/bin/bash
max=24
tmpdir=/tmp
nice find ${tmpdir} -type f -name 'sess_*' -mmin +${max} -delete
Then make the script executable (chmod +x).
Now every hour will be deleted all session files with data modified more than 24 minutes ago.
Use cron with find to delete files older than given threshold. For example to delete files that haven't been accessed for at least a week.
find .session/ -atime +7 -exec rm {} \;
cd to sessions directory and then:
1) View sessions older than 40 min:
find . -amin +40 -exec stat -c "%n %y" {} \;
2) Remove sessions older than 40 min:
find . -amin +40 -exec rm {} \;
# Every 30 minutes, not on the hour<br>
# Grabs maxlifetime directly from \`php -i\`<br>
# doesn't care if /var/lib/php5 exists, errs go to /dev/null<br>
09,39 * * * * find /var/lib/php5/ -type f -cmin +$(echo "\`php -i|grep -i session.gc_maxlifetime|cut -d' ' -f3\` / 60" | bc) -exec rm -f {} \\; >/dev/null 2>&1
The Breakdown:
Only files: find /var/lib/php5/ -type f
Older than minutes: -cmin
Get php settings: $(echo "`php -i|grep -i session.gc_maxlifetime
Do the math: |cut -d' ' -f3` / 60" | bc)
RM matching files: -exec rm -f {} \;
My best guess would be that you are on a shared server and the session files are mixed along all users so you can't, nor you should, delete them. What you can do, if you are worried about scaling and/or your users session privacy, is to move sessions to the database.
Start writing that Cookie to the database and you've got a long way towards scaling you app across multiple servers when time is due.
Apart from that I would not worry much with the 145.000 files.
Use below cron:
39 20 * * * root [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -depth -mindepth 1 -maxdepth 1 -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -r -0 rm
Debian/Ubuntu handles this with a cronjob defined in /etc/cron.d/php5
# /etc/cron.d/php5: crontab fragment for php5
# This purges session files older than X, where X is defined in seconds
# as the largest value of session.gc_maxlifetime from all your php.ini
# files, or 24 minutes if not defined. See /usr/lib/php5/maxlifetime
# Look for and purge old sessions every 30 minutes
09,39 * * * * root [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -r -0 rm
The maxlifetime script simply returns the number of minutes a session should be kept alive by checking php.ini, it looks like this
#!/bin/sh -e
max=1440
for ini in /etc/php5/*/php.ini; do
cur=$(sed -n -e 's/^[[:space:]]*session.gc_maxlifetime[[:space:]]*=[[:space:]]*\([0-9]\+\).*$/\1/p' $ini 2>/dev/null || true);
[ -z "$cur" ] && cur=0
[ "$cur" -gt "$max" ] && max=$cur
done
echo $(($max/60))
exit 0
In case someone want's to do this with a cronjob, please keep in mind that this:
find .session/ -atime +7 -exec rm {} \;
is really slow, when having a lot of files.
Consider using this instead:
find .session/ -atime +7 | xargs -r rm
In Case you have spaces in you file names use this:
find .session/ -atime +7 -print0 | xargs -0 -r rm
xargs will fill up the commandline with files to be deleted, then run the rm command a lot lesser than -exec rm {} \;, which will call the rm command for each file.
Just my two cents
Source: Stackoverflow.com