PHP-FPM save sessions in memcached

Question

I'm trying to switch my session_handler to memcached, I'm not sure if it worked, it does not look like it did.

vi /etc/php5/fpm/php.ini

session.save_handler = memcached
session.save_path = unix://run/memcached/memcached.sock

/etc/init.d/php5-fpm restart

After hitting my blog a few times, I should have a key in the memcached, shouldn't I?

nc -U /run/memcached/memcached.sock

giant:~# nc -U /run/memcached/memcached.sock
stats items
END
stats slabs
STAT active_slabs 0
STAT total_malloced 0
END

phpinfo():

session.gc_probability  0   0
session.hash_bits_per_character 5   5
session.hash_function   0   0
session.name    PHPSESSID   PHPSESSID
session.referer_check   no value    no value
session.save_handler    memcache    memcache
session.save_path   unix://run/memcached/memcached.sock unix://run/memcached/memcached.sock
session.serialize_handler   php php
session.upload_progress.cleanup On  On
session.upload_progress.enabled On  On
session.upload_progress.freq    1%  1%
session.upload_progress.min_freq    1   1
session.upload_progress.name    PHP_SESSION_UPLOAD_PROGRESS PHP_SESSION_UPLOAD_PROGRESS
session.upload_progress.prefix  upload_progress_    upload_progress_
session.use_cookies On  On
session.use_only_cookies    On  On
session.use_trans_sid   0   0

Can someone lead me to the correct configuration please?

If You do not plan to run memcached in cluster, then I suggest to store sessions in ram (tmpfs). usually `/dev/shm` — Guntis, May 22 '15 at 06:10
@Guntis that's a great idea too. But I don't like the session garbage collection via cronjobs in php. — Daniel W., May 22 '15 at 08:16
@DanFromGermany: as opposed to no gc'ing at all when storing sessions in memcached. btw: there is an internal gc-mechanism, the cronjob was introduced for more security on multiuser systems, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=267720 — r_3, Jun 22 '15 at 12:57
@r_3 memcached does gc using TTL. I use HHVM now which deals yet differently with sessions. — Daniel W., Jun 22 '15 at 13:25
i wouldn't call memcaches lru alg a garbage collector. it's more like taking out the trash only if the dustbin is completely full as compared to when it starts to smell. — r_3, Jun 22 '15 at 14:06

score 0 · Accepted Answer · answered Feb 13 '14 at 11:33

0

Did not work:

session.save_path = unix://run/memcached/memcached.sock

Did work:

session.save_path = "/run/memcached/memcached.sock"

Quotes added, protocol removed

answered Feb 13 '14 at 11:33

Daniel W.

1,439
4
23
46

1

for `TCP`, use following: `session.save_path='tcp://127.0.0.1:11211, tcp://192.168.1.2:11211'` – alexus Feb 17 '15 at 16:23
Guys, is it actually secure to do that? Memcached doesn't have any auth in front of it. – t1gor Apr 28 '15 at 14:00
2

Memcached is secured through the network layer or when you deploy it via unix socket, no other server can access it. – Daniel W. May 22 '15 at 08:15

PHP-FPM save sessions in memcached

1 Answers1