when I install Joomla, it said session.save_path = /tmp is unwriteable. however, following phpinfo(), the session.save_path on server is /tmp, and all my php sites are working fine, I can see many sess_ files in /tmp. That means the sessions are still written into /tmp by user apache, is that correct?
so, why Joomla instalation saying it's unwriteable? i am on a linux server
It could've gone into the php section as well...I think.
I got a dedicated server 2 days ago, but the "session.save_path" is not set. What I did was create a "php.ini" file, put the following code into it and uploaded it to my public directory.
Quote:
session.save_path = "/var/www/vhosts/contrid.com/subdomains/projects/httpdocs/tmp"
...but I'm not sure if this is right.
Unfortunately it doesn't work, therefore I'm making this post.
If anyone can help me, it will be greatly appreciated.
**
This is for a subdomain.
**
I have just got a resellers VPS and my host installed HyperVM 2.0 and when I logged in it works but then I get logout and then get this error:
IP Address Changed Amidst Session. Possible Session Hijacking.
then it takes my host admin time to fix it and now they will not do any think so i can not now use it (login). Not Good is there something I can do?
all I can think is that it is my ISP IP (Dynamic IP Address) which keeps changing.
I need to make this writeable but I can't find it on my server with my FTPclient. Can someone tell me what it is and where it's likely to be?
Maybe I have to create one?
I have a large survey (I use phpsurveyor) on my reseller webdomain running. It takes about 30 minutes to fill in the complete survey. After 24 minutes my respondents get a session error and their data is lost.
I tried to solve this with a .htaccess
php_value max_execution_time 600
php_value session.gc_maxlifetime 3000
php_value session.cookie_lifetime 3000
With phpinfo.php I can see that the Local Values are session.gc_maxlifetime 3000 and session.cookie_lifetime 3000.
I have got error:
Code:
Warning: session_start() [function.session-start]: Cannot send session cache limiter -
headers already sent (output started at /home/myhope/public_html/pro/index.php:1) in /home/myhope/public_html/pro/index.php on line 2
When i try to login my linux server from GUI i put my username "root" and then put the password, i am not able to login and getting following error
"Your session only lasted less then 10 sec. If you have not logged out yourself this could mean that there is some installation problem of that you may be out of disk space. Try logging in with one of the failsafe sessions to see if you can fix this problem view details in ~/.xsession.error file "
Does any one know about this error.
I had done a program in early 2006 for a site in php-mysql. At the time of doing the code, The code written was not so standard and it contained uninitialized variables used for include file paths (eventhough values are assigned to it before using) and the "sess" folder was created within the website folder. Also the parameters for the SQL query were not escaped, but everything was working fine.
And now i was informed that the insecure code in my program caused the server crash and i have to pay the penalty for the same. Can anyone let me know whether the below code / keeping the session variables within a folder inside the /www/ will make the sites hosted on the server where this program runs to stop/crash for ever ?
------------------------------------------------------------------
function update_region($id,$regname,$regcom)
{
$query = "UPDATE taxregion_mast SET taxregion_name = '". $regname."',
region_comments = '". $regcom."' WHERE region_id =" .$id;
mysql_query($query);
......
-------------------------------------------------------------------
My server session timeout is around 20mins. I wish to extend it longer such as 1 or 2 hours?
How can i extend it?
Is it possible to have 1 session under XXX.XXX.XXX.XXX IP and the 2 session under a different IP allocated by your DC?.
The box is in Europe ..I need to log-in one session and download some files from a server so whenever the master sees it will see one IP and the other session from another.
Two of the reasons I need this done is 1. privacy 2. avoiding of buying another box.
I've come across an issue where our users are not logging out of their terminal services session properly. Whether via TSWeb or MSTSC (remote desktop), if they close the browser or RDP window using the x it keeps the session alive for upto 1 minute.
The problem with this is that we use terminal services to host an application for users who can't install it, so other users that login (using a generic username and password) are adopting/hijacking the original session and seeing someone elses data.
Does anyone know of a way to force a new session each time a user connects to RDP? Whether via TSWeb or MSTSC (remote desktop)?
When I try to login SSH using SecureCRT Software, following error it show.
A public key file has not been specified for the session. would you like to specify one now.
I am using CPanel.
if it's possible to log all ssh commands to a file by session. For example, if I log in as user 'test123', once I close the session, all commands I ran will be saved to a file and either emailed to my server logs email address or saved to a file.
View 5 Replies View RelatedIs there any alternative to ZendPlatform's session clustering? ZendPlatform seems to be very easy to manage.
View 0 Replies View RelatedI am assisting a client who is linking to an online calculator, he is putting a frame on top of the calculator page, so people will still see his information. However, for some reason he is getting a Session Timeout Error in IE.
I don't get this error in Firefox using this method, or ever going to the direct page in IE.
Let me give a better explanation:
If you visit:
[url]
Just put in a fake name and email, it loads a frame at top, and then the online calculator, which is this page:
[url]
Why I am getting a Session Timeout? Is there a better solution. I never get the same error if I go directly too:
[url]
We want a frame or better solution because we still want the contact information to be in front of the consumer.
Does this maybe have to do with a cookie and frame?
I have a website where people perform a number of tasks, saving some data to temporary session files. If the user is idle for a certain amount of time, then performs an action, his/her work will be gone.
I'd like to set the sessions to never expire, so that only a browser close would delete the temporary files.
I've tried looking around in the IIS manager, but I cannot find a way to do this.
I have a Cpanel box, in WHM I used the "PHP Configuration Editor" and changed the php execution time (minor change). After clicking save I now get the following error on any php using sessions:
Warning: session_start() [function.session-start]: open(/tmp /sess_1d374c43a0f726cd43776f9f92485bec, O_RDWR) failed: No such file or directory (2) in /home/continou/public_html/control/index.php on line 4
One thing I noticed it did was turn on PHPSuexec which generally causes problems for me. I turned that off and the error response changed slightly (to above) but the problem is not solved.
I tried rebooting the server. /tmp does exist, I am now rebuilding apache in hopes that corrects the problem.
i have a cpanel server with centos,
and i put a script on it,
and i get the error
-----------------------------------------------------
Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0
-----------------------------------------------------
I'm looking at allowing remote telnet into my server.
like any security-minded administrator, I want to log what my users type on the telnet session.
I'm using the script command to generate transcripts of the users session.
I have /etc/profile set to automatically start the script command to log user activity, and in /etc/bash.bash_logout I have a command that emails me the transcript of the users' session.
All of the above works well except for one thing:
the users can type "exit" to escape from my script logging and any commands they type won't get logged.
i want to know how much connection/session numbers to my server,
are there any method to get it?
For the past couple of days, I've noticed that there is alot of apache processes running in the "D" state and that my IO wait is up to %80. I straced one of the processes and the result is its locking on a php session:
$ strace -p 3230
06:57:12 open("/var/lib/php/session/sess_86ecf346c6f7adba93cb1077f6b95d43", O_RDWR|O_CREAT,
0600) = 44
06:57:12 flock(44, LOCK_EX
And this is the output of lsof
[root@xeon ~]# lsof | grep session
mysqld 3212 mysql 178u REG 8,33 275456 26099994 /hd/mysql/sitebuilder3/session.MYI
mysqld 3212 mysql 183u REG 8,33 354592 26099937 /hd/mysql/sitebuilder3/session.MYD
bash 6426 root cwd DIR 8,21 1060864 25133096 /var/lib/php/session
httpd 6698 apache 44uW REG 8,21 115 9814967 /var/lib/php/session/sess_e0f1bb824667860260f9e5bd53da54e9
httpd 6704 apache 44u REG 8,21 138 25135115 /var/lib/php/session/sess_325b2701fcb8fb2d8371d1dd72660e8b
httpd 6718 apache 44u REG 8,21 138 9814423 /var/lib/php/session/sess_a28662f28c3fe91926c7c96267fe324f
httpd 6723 apache 44u REG 8,21 115 9814794 /var/lib/php/session/sess_79249a69f0a929318c3a8d25b1102ff4
httpd 6765 apache 44u REG 8,21 14 9815234 /var/lib/php/session/sess_0983ce89bad9d37eccec89fe83985945
httpd 6773 apache 44u REG 8,21 141 9815254 /var/lib/php/session/sess_298731e4cb90e58f223bc1b1b2da8cef
httpd 6782 apache 44uW REG 8,21 175 9814514 /var/lib/php/session/sess_608cf6bb40ba33a7505f3857e32c3854
httpd 6786 apache 44u REG 8,21 139 9814480 /var/lib/php/session/sess_10913da266608052ffd08e5fa39356c7
httpd 6787 apache 44uW REG 8,21 138 9814292 /var/lib/php/session/sess_3e0fac0590d02b4f111ce4bee9a8bfe1
httpd 6790 apache 44u REG 8,21 14 9815287 /var/lib/php/session/sess_cdfeac2790c55a62744a66caef886857
httpd 6794 apache 44u REG 8,21 138 9814423 /var/lib/php/session/sess_a28662f28c3fe91926c7c96267fe324f
httpd 6798 apache 44uW REG 8,21 93 9814971 /var/lib/php/session/sess_fa0f81edfd26e8653bc94bc9f9af6f6d
httpd 6801 apache 44u REG 8,21 138 9814423 /var/lib/php/session/sess_a28662f28c3fe91926c7c96267fe324f
httpd 6802 apache 44uW REG 8,21 138 9814423 /var/lib/php/session/sess_a28662f28c3fe91926c7c96267fe324f
httpd 6811 apache 44uW REG 8,21 115 9814802 /var/lib/php/session/sess_396f6670549934766bd8268f0b5628fc
httpd 6822 apache 44u REG 8,21 153 9815061 /var/lib/php/session/sess_0d1fcc65d1964fc3d354e4b94f3638eb
httpd 6833 apache 44uW REG 8,21 153 9815173 /var/lib/php/session/sess_05ed9e41766579f10cfdaa2f7e737a1a
httpd 6846 apache 44u REG 8,21 236 9815142 /var/lib/php/session/sess_23b5cad8471778391bf9748d0f4f1230
We have a product which is web based and uses sessions for everyone logged in and when they timeout the Session_OnEnd is supposed to fire and delete records from a table which stores some data for the user.
The problem is that the Session_OnEnd is not firing and therefore not clearing the table everytime the user times out.
The server:
Windows 2003 Service Pack 1 (I know there has been a problem with SP2 with the session_onEnd not firing but this does not effect SP1)
The whole site is running behind a SSL. We have switched this off and it still doesnt fire.
The site is written in classic ASP.
We have over another 200 clients with the same setup but they are not suffering from the same problems and I have come to the end of my knowledge about IIS (as I am a web developer and not server admin) and where to look.
on my (virtual) Ubuntu Server (12.04.5 LTS), I am running the latest Plesk version (12.0.18 Update #35). For "normal" web use, I am running Apache (2.2.22) and PHP (5.3.10-1ubuntu3.16) as a FastCGI module.
Since I was just checking a couple of other servers regarding PHP session management, I also checked this server. What I found out is that on this server probably no session file garbage collection takes place.The basic PHP configuration (I didn't touch it so far) is done through files located /etc/php5/cgi with its basic PHP configuration file php.ini. Running phpinfo() confirmed the session settings done in php.ini:
[Session]
session.save_handler = files
session.save_path = /var/lib/php5
session.gc_divisor = 1000
session.gc_maxlifetime = 1440
session.gc_probability = 0
With these settings (gc_probability = 0), I assume that no automatic garbage collection is started from within PHP (URL....). As posted in the link before, Debian and Ubuntu normally have their own scripts in /etc/cron.d/php5 to do this garbage collection.
On my Plesk server with no personal modifications towards PHP however, neither the automated garbage collection (in php.ini) is activated, nor does the (standard) Ubuntu/Debian cron job exists to delete outdated session files in /var/lib/php5. This results in many outdated files filling up that directory on my server.
My questions now are:
1) Is the removal of the cron job /etc/cron.d/php5 something specific that happened during the installation of Plesk? Why?
2) Is there another (Plesk-specific) script that should do the work?
I am running into a problem with my home linux server running Fedora 8 (2.6.26.6-49.fc8). The problem is with my SSH sessions, in that they hang or freeze when I try to run certain commands such as (ps -auxt or top) or when trying to edit (/etc/httpd/conf/httpd.conf) via VI or Pico. I am able to edit my pure-ftpd.conf file with little to no trouble through either Vi or Pico however. I did some research already on openssh.org but my problem does not resemble the tcp timeout issues I've seen described. When the SSH session hangs I'm forced to disconnect and then reconnect. Just curious if anyone has any ideas as to what I can try to resolve this problem.
View 12 Replies View RelatedI have installed apache 2.4.10 with tomcat-7 as backend .Proxypass has been added in apache to access tomcat via http port .now requirement is to restrict each Context to 100 sessions only , how i need to achieve this .
View 1 Replies View RelatedI have diesel generator controller card (IB Lite made by Comap) and the built-in webserver supports only a single user/session connected.
I want to set apache in front and serve multiple connection while apache is keeping a single session with the IB Lite card in background no matter how sessions it have.
I tried ProxyPass but it doesn't seems to be a solution.
Is this possible?
I am trying to encrypt my session using the following directive
Session On
SessionCookieName session path=/
SessionCryptoPassPhrase sec
We are using form based authentication.
use of SessionCryptoPassPhrase crashes the server. If I dont use that directive it does not encrypt and works fine.
I see this error in application event log
Faulting application httpd.exe, version 2.4.2.0, faulting module libaprutil-1.dll, version 1.4.1.0, fault address 0x00002f14.
Some of my websites show the following error when trying to use _any_ of the Plesk-supplied PHP packages instead of the default PHP CentOS/atomic package:
Code:
Unknown: open(/var/lib/php/session/sess_xxxxxxxxxxxx, O_RDWR) failed: Permission denied (13) in Unknown on line 0
This is a fresh install of Plesk 12 MU55 on CentOS 6.6.
Same thing happens with Plesk 12.5 Preview on CentOS 7.1
...as soon as I select any of the Plesk-supplied packages (PHP 5.4 - 5.6) with FastCGI, the error appears.
I'm currently a video sharing site and I'm aiming for large videos (around 500MB - 1GB), now I have to take into account an average user should only be able to do 30k-50k per sec.
So the session_timeout and upload_max need to be adjusted. Anybody with experience with large upload sites ?