Can someone explain in detail the steps to increase the max session timeout to something greater than 4 hours? The drop down option in the SERVER - SESSION HANDLING screen, has a max of 4 hours. I'd like to make it 24 hours. I made a change to the sessiontimeout record in the mld_config table, but it did not work. Is there anything else I need to do?
In reply to Luis Mosca
Re: How to increase session timeout to greater than 4 hours?
by Howard Miller -
I've not tried it (!) but in your config.php file, add the line
$CFG->sessiontimeout = 24 * 60 * 60; // 1 day in seconds
...this will override the setting in the admin pages. I can't help thinking that 24 hours is rather a lot.
In reply to Luis Mosca
Re: How to increase session timeout to greater than 4 hours?
by Nitesh Kumar -
HI Luis,
If $CFG->sessiontimeout in config.php won't work for you then you have to do it from code.
1. Open the file moodle/lib/classes/session/manager.php.
2. find the prepare_cookies function.
3. then change session_set_cookie_params(0, $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $cookiesecure, $CFG->cookiehttponly);
to
session_set_cookie_params(86400, $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $cookiesecure, $CFG->cookiehttponly); //for 24 hours
Thanks
In reply to Nitesh Kumar
Re: How to increase session timeout to greater than 4 hours?
by Howard Miller -
I would *strongly* recommend that you do not change core code.
We'll it turned out that we will increase that to about 6 hours instead of the 24. But after further research, it seems that this sessions timeout is getting ignored. We are using Moodle on IIS, PHP, MySQL and using AICC to a separate content server. Our courses have multiple modules and when a user launches a course and sits idle for 30 minutes, the LMS session times out. We've confirmed it is not IIS nor the content server since we've tested the same courses on SCORM Cloud and it does not time out. Does Moodle have other areas that could be causing this time-out at 30 minutes?
In reply to Luis Mosca
Re: How to increase session timeout to greater than 4 hours?
by Howard Miller -
Does it happen using Moodle NOT using AICC content? For example, if you open a page for editing and leave it for (say) an hour and then save. What happens?
Are you *sure* that the session timeout is set correctly? Is this being reported properly on the settings page (even if you've set it in config.php)?
EDIT:
The session timeout depends on cookies, so you should be able to check the Moodle cookies in your browser. There should be two (IIRC) - one for remembering the username and the other for the Moodle session. The lifetime is set here. So, it's possible that a browser plugin or some firewall madness could be behind this.
In reply to Luis Mosca
Re: How to increase session timeout to greater than 4 hours?
by Ryan Desmond -
Did anyone ever figure this out? The 4-hour max session is far too short for our students. (As it appears this is also the case for many other people and organizations.)
Does anyone know if simply adding the following to config.php will do the trick?
$CFG->sessiontimeout = [some int val];
In reply to Ryan Desmond
Re: How to increase session timeout to greater than 4 hours?
by AL Rachels -
Hi Ryan,
You can try it, but it probably will not work. The name, sessiontimeout, is a Moodle configuration setting found in the mdl_config table. If you try to set it for more than 14400 (4 hours) with something like phpMyAdmin, then purge caches and go look at Site administration, search for, sessiontimeout, it will warn you, Invalid current value, show you the invalid value, and then in the setting box it will change it to the default 2 hours.
@Ryan .. if you have vr. 3.5/6.x could try this:
in admin/cli/
cfg.php
php cfg.php --help
[root@server cli]# php cfg.php |grep timeout
sessiontimeout 7200
repositorygetfiletimeout 30
repositorysyncfiletimeout 1
repositorysyncimagetimeout 3
curltimeoutkbitrate 56
block_rss_client_timeout 30
php cfg.php --name=sessiontimeout --set=7500
where 7500 is the number of seconds you desire.
https://www.calculateme.com/time/hours/to-seconds/6
Dunno if it's temp or not ... search config tables to see if it 'sticks'. ;)
But, why?
'spirit sharing', Ken
Thank you, Ken and Al, for your responses.
Ken, I'll give that a try (when I'm back to work). The primary "why" is that I get very regularly complaints from our students that the need to re-login multiple times a day is really frustrating and has lead to them losing their work. I really don't understand why the session timeout would be limited to only 4 hours. The only thing I can find anywhere is that there are "security concerns" which I find to be rather silly. What security concerns? I must be missing something. This isn't an online banking portal. What if everyone had to log into Gmail, Facebook or Instagram or any other site every single time you want to use it? People would use all those services a lot less. (In the case of social media that might not be a bad thing ;) but this is an LMS - we want max usage.)
Allowing students to stay logged in through at least the full day of class seems to me to be obvious. Every single hurdle/inconvenience in between our students and their progress with learning is a problem. And this constant need to log back in is a very regular inconvenience. One for which I see no need.
Thanks again,
Ryan
Welcome!
"security concerns" which I find to be rather silly ...
Hmmmm ... well, you can prove that by allowing (or figuring out a way) where your student sessions *never* time out ... always on ... always connected ... from any device ... from multiple devices ... from any location - uhhhh, I know Google checks and warns if it sees connections from devices not previously used ... does Moodle?
Must not do any maintenance during the academic year .... do your security updates live and without maintenance mode ... Hmmmm ... do a DB dump before that or during that? Should your DB server lock the DB while backing up?
Heck, if I were a student, would I be on/in Moodle all the time? Hey, student ... go get a life!
If I were a student, asking self, Is my success in life dependent upon what's in that Moodle? NO!
Sorry ... tongue in cheek here ... but ....
'spirit of sharing', Ken
In reply to Ken Task
Vs: Re: How to increase session timeout to greater than 4 hours?
by Jakke Lehtonen -
If we keep tongue in mouth ;) out there is a wide world outside the academic world in private sector (and outside of british or american schooling system too...). And there a way longer session time is needed. Moodle isnt' just for schools, colleges and universities anymore - "moodle-dev" tries keep things in that way, though...
Maintenance, DB works etc has nothing to do with longer or long sessions. Or don't you have ever users middle of the night?
Anyway. $CFG->sessiontimeout = 86400 gives an error at session handling page but works.
In reply to Jakke Lehtonen
Re: Vs: Re: How to increase session timeout to greater than 4 hours?
by Visvanath Ratnaweera -
I don't get your point. What is the problem the "world outside the academic world in private sector (and outside of british or american schooling system too...)" has, which will be solved by extending the session timeout beyond 4 hours?
In reply to Ryan Desmond
Re: How to increase session timeout to greater than 4 hours?
by AL Rachels -
Hi Ryan,
Personally, I think 2 hours is really pushing it. You do realize that the time out setting is for 2 hours (or up to 4 hours) of NOT clicking on anything in Moodle? Makes me wonder what the student is doing if 4 hours is not enough.
Depending on who and where you are, it can cost your school a LOT of money. I remember reading of one incident in up-state New York, when I was actively teaching, where a school office worker left their desk while still logged in. A parent came in and started scanning through all the online student info available. Another parent came into the office and caught parent 1 reading records from parent 2's child. Parent 2 sued the school system and won a multi-thousand dollar settlement.
As a computer applications teacher, on more than one occasion, I caught student 2 "messing" with student 1's work, when the student 1's computer was left un-attended and still logged in. Had to buy monitoring/remote control software and change classroom procedures to prevent it from ever happening again.
In reply to Ryan Desmond
Re: How to increase session timeout to greater than 4 hours?
by Fergus Edmunds -
I completely agree, Ryan. Nowadays people want, and expect, to stay logged-in for at least an entire day. (Apart from banking). This means they can use the site several times in the day without the need to keep logging back in. I'm sure most people would prefer 24 session or even several days or weeks.
In reply to Fergus Edmunds
Re: How to increase session timeout to greater than 4 hours?
by Velson Horie -
Has anyone solved this defect? I am working at home on many tasks, and am frequently diverted. I come back to Moodle and it has logged me out. Not only that, it deleted my work position so I have to remember what I was doing and trace back to the assignment etc I was marking, A right pain.
I can understand the potential security problems in multi-user situations, but what about the rest of the world? That is an administrator's problem, not one which should be pushed onto the users' workload.
The world has moved on since this hurdle to efficient working was erected, and it needs to be removed (or at least modified).
Who should be the recepient of this suggestion?
I can understand the potential security problems in multi-user situations, but what about the rest of the world? That is an administrator's problem, not one which should be pushed onto the users' workload.
The world has moved on since this hurdle to efficient working was erected, and it needs to be removed (or at least modified).
Who should be the recepient of this suggestion?
What version of Moodle are you running?
Moodle 3.9.x
Session handling
Timeout default is 8 hours.
which admin can change
There is an option to set for weeks, days, hours, minutes and seconds
https://yoursite/admin/settings.php?section=sessionhandling
'SoS', Ken
In reply to Ken Task
Re: How to increase session timeout to greater than 4 hours?
by Visvanath Ratnaweera -
Indeed! Never seen that before.
Now the next step is to get months and years as the unit of time.
Now the next step is to get months and years as the unit of time.
Thank you. 3.9
My timeout had been set (years ago) to 2 hours, and I had no idea that it could be changed. I have now changed it to 1.5 days which will tide me over the monthly marking campaign.
Is it possible to have different settings for different classes of users?
Also in that setting page, it is possible to store information about current sessions (currently default = No). Does that apply to all users? Does that mean if I log out and re-login, my Moodle view will be set at the point at which I left it? At the moment when I re-login in the middle of a marking session, Moodle forgets all the settings about the group or which student I was marking, but does remember that I was marking Quiz 3 or Assignment 20.
My timeout had been set (years ago) to 2 hours, and I had no idea that it could be changed. I have now changed it to 1.5 days which will tide me over the monthly marking campaign.
Is it possible to have different settings for different classes of users?
Also in that setting page, it is possible to store information about current sessions (currently default = No). Does that apply to all users? Does that mean if I log out and re-login, my Moodle view will be set at the point at which I left it? At the moment when I re-login in the middle of a marking session, Moodle forgets all the settings about the group or which student I was marking, but does remember that I was marking Quiz 3 or Assignment 20.
Remember the setting is global ... all users .. not just you the admin/teacher but all ... including students.
"Is it possible to have different settings for different classes of users?"
No, don't think so.
"... my Moodle view will be set at the point at which I left it?"
Kinda depends on users browser ... cache/cookies etc.
Think modules like SCROM's can be programmed that way but most moodle activities are not SCORM's.
'SoS', Ken
Re-started marking this morning with no hitches - thank you. Much easier.
The guidance note on https://yoursite/admin/settings.php?section=sessionhandling
suggests that the user's Moodle view is held (or not) in a Moodle database, and should (?) be unaffected by my cookies on my PC.
Not having to login so frequently has reduced the urgency of this point.
The guidance note on https://yoursite/admin/settings.php?section=sessionhandling
suggests that the user's Moodle view is held (or not) in a Moodle database, and should (?) be unaffected by my cookies on my PC.
Not having to login so frequently has reduced the urgency of this point.
I have a test site and I am trying to install a zipped plugin which takes me about 30-45 minutes to upload and as soon as I then click to go ahead and install from the zip, I get a timeout. This has happened several times, and every time I start again from scratch.
What do I change to allow it to install?