After a period of inactivity, the system automatically ends sessions, logging the admin or user out of WHMCS. This period of time is the login session length.

Login Session Length #

Your server’s PHP configuration’s session.gc_maxlifetime value defines the login session length in seconds. The default value is 1440 seconds (24 minutes).

After a login session has been inactive for longer than the defined length of time, PHP marks it as garbage. PHP’s garbage collection will delete the login session file. This logs the user or admin out of WHMCS. They must log in again before making any further changes.

Increasing the Login Session Length #

To increase the login session length, edit the php.ini configuration file on your server to increase the session.gc_maxlifetime value to the desired login session length (in seconds).

Custom php.ini File #

Some server configurations allow you to change the PHP configuration for WHMCS by creating a php.ini file within the WHMCS directory. In that situation, you could add the following line:

session.gc_maxlifetime='3600'

This will increase the login session length to a minimum of one hour.

Multiple PHP Scripts #

According to PHP’s documentation, if multiple scripts store their login session files to the same session.save_path location, PHP will use the shortest login session length. Because of this, if there are multiple PHP scripts on the same hosting account as WHMCS, one may override the value in the php.ini file with a shorter length.

If you observe sessions ending quicker than the defined session lifetime, we recommend separating other PHP scripts out from WHMCS. This will ensure that the system uses the PHP-defined login session lifetime setting.

Last modified: October 29, 2024