Elxis CMS Forum
Support => Security => Topic started by: jorgebravoc on July 25, 2011, 03:07:09
-
Hello pals:
I have noticed that my website has way too many users "logged in" but they are all visitor as I am the only user that is actually logged in as a user.
Currently Logged in Users
There are 8335 users and visitors online.
So I wanna know how to get rid of this... I think that it is slowing down the loading time of my website.. is not bad but there is a short delay when loading the graphics. Anybody knows how to flush these connections? From what I see a few are real visitors but others seem to be robots or crawlers... so annyoing.
I have Elxis 2009 the one just before Aphrodite and I haven´t updated to Aphrodite cause there is no patch released and I sure won´t uninstall the current version and install a new one, instead I will make the changes indicated in this topic: https://forum.elxis.org/index.php?topic=5144.0
I hope that would be enough in terms of "updating" but does anybody know how to get rid of this too many users problem? and how to prevent from being slammed by "visitors" that I´m sure are not real people.
Thanks a lot
-
Most probably session.save_path php configuration option is not writeable or not existing folder, so in each click a new session is being generated as the previous one can not be stored. You should fix this option.
Elxis administration -> System -> php settings -> see the value of session.save_path directive. Contact your web hosting provider for more.
-
I contacted my hosting provider and they said that the tmp folder is writeable and I see the folder, so it does exist and it is writeable.... it might be something different going on...
-
The tmp folder might be writeable but are you sure that your session.save_path is set to that folder??? If open base dir restriction is enabled in your server the tmp folder must be inside your allowed paths. Please login in elxis admin, go to system infrmation and copy-paste me here the local value of session.save_path. I am almost sure that sessions on your server are not propebly configured...
-
I sent you a private message with my settings Datahell
-
There are 8335 users and visitors online.
.... From what I see a few are real visitors but others seem to be robots or crawlers... so annyoing.
you see the total number of users on the counter on the site?
you may have set too high for the lifetime of the cookie
administration-->Global Seting-->Server-->Login Session Lifetime
the more time the more visitors to the site is listed, but they are not on site
-
Login Session Lifetime has to do with users (not visitors) who has already logged in on your website, wbread.
This issue occurs from session.save_path settings - permissions.
-
I have considered all the visitors, after a decrease in the Login Session Lifetime, the number of online users(visitors) greatly reduced
on the counter on the site and on the admin page - users, visitors and bots
-
I tried to reduce the session lifetime to 990 from 990000 ( I just did't want to get logged out after a while being working on the site from backend).... so now I have 9 visitors which is much more healthy than 8,000... so I hope this helps from now on.
Thanks a lot !!
-
...session lifetime to 990 from 990000...
990.000 seconds is 11,5 days.... :o This is why you had too many visitors...
-
I just did't want to get logged out after a while being working on the site from backend
1800 = 30min
usually enough, but 15 minutes enough, more often to keep the article in the writing
-
I guess I learned the hard way.... thanks again for the support