How to prevent PHP sessions being shared between different apache vhosts / different applications

When you run multiple applications on one server, you might run into the session-sharing problem: All your applications share the same pool of PHP sessions. This is especially bad when running multiple instances of the same software, like multiple WordPress blogs etc.

Usually, when running multiple applications, you’ll do this with multiple VirtualHosts on your server (i cannot go into detail what a VirtualHost is or how to setup, as you probably already know when reading such an article). The way to go is simple: Set a different PHP session folder for every VirtualHost, like this:

php_value session.save_path "/var/mysessionsforapplication_1"

In this example I’m running two instances of the same application on one server, each one on a different port (you might want to use a domain name here).

<VirtualHost *:81>
    ...
    DocumentRoot /var/www/app1
    <Directory "/var/www/app1">
        AllowOverride All
        php_value session.save_path "/var/mysessionsforapplication_1"
   </Directory>
</VirtualHost>

<VirtualHost *:82>
    ...
    DocumentRoot /var/www/app2
    <Directory "/var/www/app2">
        AllowOverride All
        php_value session.save_path "/var/mysessionsforapplication_2"
   </Directory>
</VirtualHost>

Please note that you need to restart the apache after you’ve changed things like that. Setting up VirtualHosts is a topic on it’s own, so it’s not covered here. In most cases editing

/etc/apache2/sites-available/default

will do the job.

This article was written quite a while ago (4 years), please keep this in mind when using the information written here. Links, code and commands might be outdated or broken.

Random articles

1 Comment

Marcello Kad Cadoni

May 27, 2015 1:24 pm

Why you don’t put this parameter into the Virtualhost tag instead of directory tag?

Reply

How to prevent PHP sessions being shared between different apache vhosts / different applications

Random articles

1 Comment

Leave A Comment Cancel reply

Perfect HTML email templates for perfect HTML emails (outlook!) with INK

Microsoft enters post-password era with Hello (promo video)

Berlin, prepare for TOA conference (15th – 17th of July)

How to install/setup latest version of PHPMyAdmin on Ubuntu 12.04 LTS (Precise Pangolin)

8 awesome pure CSS spinner / loader

Create a fast, perfect and bootable 1:1 Windows backup (full clone of HDD) for SSD migration

Material Design – How Google designed Android L (7min video)

[video] Netflix JavaScript Talks about ECMAScript 7: The Evolution of JavaScript

EOL lists of Ubuntu, Debian and CentOS for your server plannings

[Link] Interesting: Designing a Nuclear Waste Warning Symbol That Will Still Make Sense in 10,000 Years

Two excellent introductions into AngularJS by Todd Motto

Migrating Wikipedia to HHVM (@Scale Conference 2014)

[Link] Interesting: Designing a Nuclear Waste Warning Symbol That Will Still Make Sense in 10,000 Years

Hochlastseiten mit PHP, MySQL und Apache am Beispiel stern.de (deutscher Artikel)

Rare Steve Jobs AND Bill Gates video interview from 2007’s D5 conference (90min)

Google I/O 2014 – HTTPS Everywhere (video)

[Link] Retinafy your Site / Device by Nijiko Yonskai

Preview-release of (my) “php-mvc” project (a simple php mvc barebone)

Quick fix for 404 error in WordPress category / tag page

Adobe releases Firebug-like developer tools to edit and extract PSDs

First look on Gitter, the chat for GitHub

Switching from Java to PHP. Seriously. A very interesting and pre-judice-free talk with Ph.D. Aris Zakinthinos

How to install PHP 7.0 on Ubuntu 14.04 LTS

Hacking ATMs – A conference talk about the current security state of Windows XP driven cash machines

Interesting: code of the same application in PHP, Python, Ruby, Closure, node.js, Java and Go