8

The folder var/session keeps constantly very big ammount of data whitch causing a big innode usage on the server,

everytime i delete files from session folder innode usage drops to minimum.

so i want to ask how can i automatically delete those session files every 24h for example.

i just started working with MAgento so i'm a little bit newbie so far so large explanation would be appreciated.

i know i should create a cron job somehow through cpanel or smt like that.

Manthan Dave
  • 9,816
  • 2
  • 31
  • 53
Andrius
  • 81
  • 1
  • 4

5 Answers5

2

If you use a cron job to delete all sessions, you will delete all customer shopping carts and people will leave your site angry.

I suggest you look at your session files and see if they look suspicious.

Try checking where your visitors IP addresses are from here: https://www.iplocation.net/

If, for example, you find a bunch of Chinese IPs and your website is not Chinese, these are probably bots that are wasting your bandwidth. You should block their IP ranges in your Apache settings or in .htaccess.

(I believe you can even do country-based filtering in Apache but I think that it slows down response times. I haven't tried that.)

Magento 1.x (not sure about 2.x) also seems to have a bug where it creates a new session for every request when the client does not accept cookies. So bots like the Googlebot, Bingbot, SemrushBot, and others, all generate huge numbers of session files.

For my server, the only thing I needed to do was get rid of those bot session files. Until I have the time to find and fix the Magento bug, I have a shell script running by cron to remove all session files containing these strings:

  • Googlebot
  • bingbot
  • spider
  • semrush
  • AhrefsBot
  • UptimeRobot
  • spbot
Buttle Butkus
  • 1,318
  • 1
  • 16
  • 35
  • Did you find a solution to fix the bug? I just deleted over 1.2 Mio files, which is just ridiculous. – Marco Jan 26 '18 at 09:48
  • The bash script I wrote to clean up the files worked great at first, but the patterns keep changing so it is a lot of maintenance work. So I’m planning to dig into the code and find the real solution. The code should be checking if the client accepts cookies (because bots don’t accept them) and NOT create a session for those clients. – Buttle Butkus Jan 26 '18 at 10:07
  • Would you mind to share the code, if you are done? At the moment we only have an issue with M2E Pro, Google and Bing. Those 3 things creating heaps of session files. – Marco Jan 26 '18 at 10:09
1

Rather than using custom scripts, it would make more sense to simply make PHP clear them up for you by specifying the right values in your php.ini file. If you ensure that session.gc_maxlifetime has a relatively small value (but >= your session cookie timeout) e.g.1440 and session.gc_probability is set to 1, then the built in PHP session garbage collector should remove the files for you.

Peter O'Callaghan
  • 5,027
  • 3
  • 23
  • 32
  • how do i change them if i cant find php.ini file in Magento ftp directory. i tryed creating file test.php and set those value with ini_set, but strings doest change their values. please help – Andrius Feb 23 '17 at 12:12
  • Its not working,did you have any other solutions?Please help – Jenith Samuel May 23 '17 at 07:02
  • Just create a file naming phpinfo.php inside the Magento ftp directory and put "phpinfo();". Then try to load that one on the browser you will get to know where exactly is the php.ini is located on your server. Then probably you can make these changes easily. – Asheem Patro Jul 19 '17 at 04:45
  • In my case, bots can create thousands of new Sessions per hour. But we want real customer sessions to last weeks or more. So, session cleanup by PHP is not the answer. Magento needs to check that the client accepts cookies (and/or check if the client is a bot) before creating a session, instead of creating a new session for every page load that didn’t sent a cookie. – Buttle Butkus Jan 26 '18 at 10:11
1

Magento save session data of customer in var/session folder if you delete this folder it will delete all customer session data

Let's assume one of your guest customer add 3 product to cart if you delete session data it will remove all 3 product from cart and it's bad experience for customer rather then deleting session data you can save session into database

To use the database for session storage simply have this in your app/etc/local.xml:

<session_save><![CDATA[db]]></session_save>

or you can use redis session/Memcached Session cache to save data in redis cache/Memcached Session

To use a memcached session store in Magento you’ll need to have this in your app/etc/local.xml:

<session_save><![CDATA[memcache]]></session_save>
<session_save_path><![CDATA[tcp://localhost:11211?persistent=1&weight=2&timeout=10&retry_interval=10]]></session_save_path>

For more information about session storage visit this link

Vaibhav Ahalpara
  • 5,249
  • 4
  • 42
  • 81
0

One solution is you can create cron job that is running once per day to delete the files that you want.

Here you can see how to setup cron job: https://askubuntu.com/questions/2368/how-do-i-set-up-a-cron-job

a cpanel tutorial for cronjob: http://support.hostgator.com/articles/cpanel/how-do-i-create-and-delete-a-cron-job

You can create bash or php script which will does operation of deleting files. And put this script in the cron, to be executed 3 or 4am server time, when the server is less used. To test the script is it working you can run it manually.

Community
  • 1
Nikola
  • 460
  • 1
  • 4
  • 16
0

Create an sh file in document root. Put below code inside it.

 #!/bin/bash
 # Shell script for cleaning session
 path=your document_root path goes here
 cd $path
 rm -rf var/session/*

change path with your document_root path without any quotes. Run this code when there is less site hits.

DONE!!

Shyam Krishna Sreekumar
  • 1,375
  • 1
  • 13
  • 22