How to prevent PHP sessions being shared between different apache vhosts / different applications

When you run multiple applications on one server, you might run into the session-sharing problem: All your applications share the same pool of PHP sessions. This is especially bad when running multiple instances of the same software, like multiple WordPress blogs etc.

Usually, when running multiple applications, you’ll do this with multiple VirtualHosts on your server (i cannot go into detail what a VirtualHost is or how to setup, as you probably already know when reading such an article). The way to go is simple: Set a different PHP session folder for every VirtualHost, like this:

php_value session.save_path "/var/mysessionsforapplication_1"

In this example I’m running two instances of the same application on one server, each one on a different port (you might want to use a domain name here).

<VirtualHost *:81>
    ...
    DocumentRoot /var/www/app1
    <Directory "/var/www/app1">
        AllowOverride All
        php_value session.save_path "/var/mysessionsforapplication_1"
   </Directory>
</VirtualHost>

<VirtualHost *:82>
    ...
    DocumentRoot /var/www/app2
    <Directory "/var/www/app2">
        AllowOverride All
        php_value session.save_path "/var/mysessionsforapplication_2"
   </Directory>
</VirtualHost>

Please note that you need to restart the apache after you’ve changed things like that. Setting up VirtualHosts is a topic on it’s own, so it’s not covered here. In most cases editing

/etc/apache2/sites-available/default

will do the job.

This article was written quite a while ago (10 years), please keep this in mind when using the information written here. Links, code and commands might be outdated or broken.

Random articles

1 Comment

Marcello Kad Cadoni

May 27, 2015 1:24 pm

Why you don’t put this parameter into the Virtualhost tag instead of directory tag?

Reply

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

How to prevent PHP sessions being shared between different apache vhosts / different applications

Random articles

1 Comment

Leave A Comment Cancel reply

PHPStorm 8 has just been released

Vote for “Hack” for HipHop/HHMV support (future style PHP) in PHPStorm 8

Creators of Laravel launch one-click-installations of Laravel (including nginx, PHP 5.5 etc.)

GAMESCOM 2014: Awesome Next-Gen ingame graphics

SASSmeister is a real-time JSfiddle for SASS / CSS. Awesome!

Somebody is writing a compiler for PHP, compiles down to machine code, outperforms HHVM

Adobe offers Photoshop for $9.99 per month (limited deal)

Slides & talks from PHP UK Conference 2014

Frontend Ops Conf 2014 – Keynote by Alex Sexton: “Front End Operations”

GitHub introduces revert button / rollback for merged pull requests

Switching from Java to PHP. Seriously. A very interesting and pre-judice-free talk with Ph.D. Aris Zakinthinos

Dangerous Performance Myths in the Web (video talk by Thomas Lohner, PHPUG Latvia)

How to setup a local server (in a virtual machine) with Vagrant in PHPStorm

Frontend Ops Conf 2014 – Paul Irish: Delivering The Goods In Under 1000ms (40min video)

[Link] How to set up HipHop, Nginx and Laravel in Ubuntu 12.04 LTS (in a Vagrant box)

Support FLARUM, the future of PHP forum scripts (with some dollars on Kickstarter)

How to install the mcrypt php extension (to use Laravel 4)

[german] Modernes Frontend-Development mit Bower, Grunt, Yeoman (45min Video, Thorsten Rinne auf der IPC2013)

How to install GitHub’s, NetBeans’s and Sublime2’s syntax highlighting code colours theme in PHPStorm 6/7

PHPStorm: 42 Tips and Tricks (47min video talk by Mikhail Vink at Dutch PHP Conference 2015)

ilovepreloaders – A tumblr collection of preloader animations

Extremely simple deployment with PHPloy

A quick guideline on how to fix the Hearthbleed bug (and update OpenSSL) on Ubuntu

Creators of Laravel launch one-click-installations of Laravel (including nginx, PHP 5.5 etc.)

How to enable mod_rewrite in Ubuntu 12.04 LTS