How to increase session timeout in Blesta

How to increase session timeout in Blesta

The ‘Session timeout’ in an application refers to the event occurring when a user stays idle on a web site during an interval. This time out value is set by the web server and can affect running applications.

When the session times out, the user’s session becomes ‘invalid’ (ie. “not used anymore”) and the web server will destroy it and deletes all the data involved in it.

See how we help web hosting companies

How to choose Session Timeout value in Blesta

Choosing the timeout value for an application should be done with caution. Too high a timeout value can waste server resources and also cause security issues due to attackers hijacking open sessions.

Similarly, too low a timeout value can cause active sessions to expire and cause all the data in it to be lost, if users require some time to complete their work, such as a support ticket submission.

The session can expire when a request is processing, which can lead to annoying customers. Having to re-login multiple times and re-entering their data can end up troublesome to users and admins.

Depending on the requirement of the customers and the web host, the timeout value can be set for the Blesta application of each web host.

[ Take care of your customers, before your competitors do. Get world-class support specialists to delight your customers. ]

How to set Session Timeout value in Blesta

In Blesta, the default Session timeout value is 30 minutes. For web hosts who need to get it increased, we do it via the Blesta configuration file.

The code that manages the sessions in Blesta is ‘components/session/session.php’, which checks the timeout value set in the config file and apply it to the sessions.

In older versions of Blesta, the configuration file is ‘config/session.php’, where the timeout value has to be set. The new versions have a new path for the configuration file, at ‘config/blesta.php’.

Inside the configuration file, set the timeout value in seconds. For instance, for a 1 hour timeout setting, the value we give in the config file would be:

Configure::set('Session.ttl', 3600);

[ Focus on your core business without interruptions. Our tech support experts are here to manage your customers 24/7. ]

At Bobcares, our 24/7 server specialists constantly monitor all the services in the server and proactively audit the server for any errors or corruption in them.

With our systematic debugging approach for service or other software errors, we have been able to provide an exciting support experience to the customers.

If you would like to know how to avoid downtime for your customers due to errors or other service failures, we would be happy to talk to you.




Use Bobcares for your phone support services. Ensure 24/7 coverage for your customers!


Submit a Comment

Your email address will not be published. Required fields are marked *

BUSY WITH TECH SUPPORT ALL DAY? We help web hosts and other web solution providers save time and focus on growth.
Here's how we helped a web host reduce support engagement time from 3 hours to 30 mins per day: