Laravel Session files not cleaning from the framew

2019-07-10 02:56发布

问题:

I am on a shared host (OVH pro) using Laravel 5.2 on production (PHP 7.0.5).

I am using the file session driver, and everything was working fine on my previous host (with the same app), but since I moved to OVH, the session files keep being created and are never deleted by the PHP garbage collection. I have to manually erase the files (over 5000 files are created per day).

My config/session.php file is set up correctly:

'driver' => 'file',
'lifetime' => 120,
'lottery' => [2, 100],

And my folders storage, storage/framework, storage/framework/sessions are all set with a 0755 permission.

I also override the php.ini by placing those 2 lines at the top of config/session.php

ini_set('session.gc_probability', '5');
ini_set('session.gc_divisor', '100');

It seems to be working fine from what phpinfo() returns:

I contacted my host, but they told me it must have to do with my Laravel app, and they can't help.

Edit: My sessions work fine, I mean that there's only one file created per visitor. The problem is only the fact that the session files are not getting cleaned up, even with a 777 permission.


Even when I put the Laravel session lottery to 100/100, the files are still not getting deleted:

    /*
    |--------------------------------------------------------------------------
    | Session Sweeping Lottery
    |--------------------------------------------------------------------------
    |
    | Some session drivers must manually sweep their storage location to get
    | rid of old sessions from storage. Here are the chances that it will
    | happen on a given request. By default, the odds are 2 out of 100.
    |
    */

    'lottery' => [100, 100],

EDIT: OVH hosting specifics: I use multisites on OVH, and the folders containing each site are placed at the route of my OVH host, and not in the default www folder.

I did that for security reasons, because the www folder is publicly available through mynickname.cluster005.ovh.net and I dont want any of my sites to be publicly available from

mynickname.cluster005.ovh.net/site1

mynickname.cluster005.ovh.net/site2...

(www\site1, www\site2...).

So I was thinking that maybe only the files located inside www folder are writable, and maybe not the one outside (at the root)? That would explain while my files are not being deleted. I'll make a test tonight to see if the files are being deleted when placed in www\site1\storage\sessions.

回答1:

There some step that you can find what's problem is first

  1. Make sure session ID is fixed in every page (echo session id)

if session id was changed every page , you need to check your session config domain setting is correct.

if session id didn't change maybe you need change storage folder premision to 777.

I hope that can help you.



回答2:

If you are using haproxy, consider this answer:

Session files may be created by the haproxy's http health checks.

  1. Check your web access logs to fixed interval access.

111.11.111.1 - - [28/Jul/2016:10:40:30 -0400] 200 "GET / HTTP/1.0" 4 "-" "-" "-"

111.11.111.1 - - [28/Jul/2016:10:40:32 -0400] 200 "GET / HTTP/1.0" 4 "-" "-" "-"

111.11.111.1 - - [28/Jul/2016:10:40:34 -0400] 200 "GET / HTTP/1.0" 4 "-" "-" "-"

  1. Update option httpchk GET / to point to some routes that you could set the session driver to be array on your haproxy.cfg.

  2. add the Config::set('session.driver', 'array'); line to disable creation of session files.


Reference:

  • https://laravel.com/docs/5.1/session#introduction
  • https://serverfault.com/questions/792150/session-files-are-created-every-2-second-running-on-openshift-laravel-php-nginx
  • https://github.com/laravel/framework/issues/726#issuecomment-30595774