: How to restart Apache without reseting users sessions? User is logged-in a PHP website > I restart Apache > User needs to log-in again. How to prevent this? (I don't want user to need to

@Ogunnowo487

Your session data should not be lost just because Apache is shutdown or restarted unless the session data is being stored in memory and not backed up to disk (either by filesystem or database). Otherwise, you could restart the entire server and the session would still persist. Session data is designed to be stored long-term. The only time the session is lost is if:


The SID is lost. The session data still exists server side, but the client is unable to recover the SID, so cannot reinitiate the same session. This can happen if the SID cookie expires (if it's a cookie) or the session links are lost (if the SID is a URL parameter) or the SID is unset server-side or changed without notifying the client.
The session data is deleted server-side. This typically happens when the PHP Session Garbage Collector runs and sees the session file is older than session.gc_maxlifetime (which is 24 minutes by default). Otherwise, it can happen if the application explicitly deletes the session. On some servers, the administrator may also have configured a cronjob to clean out old session data on a regular basis.

Vote Up Vote Down

@Hamm4606531

Made possible by using the right argument with Apache :

apache2ctl -k graceful


Apache will restart without lose current sessions.

Vote Up Vote Down

@Kevin317

Storing a session token in an alternate location as a backup would prevent this issue. You could still keep your main information in $_SESSION, but keep a backup token in:


Cookies
Database records
HTML5 Local Storage


You might find some help in this StackOverflow question: best practice for session timeouts and persistent login in php.

Vote Up Vote Down