PHP 8.1.0 RC 4 available for testing


memcached提供了一个自定义的session处理器可以被用于存储用户session数据到memcached服务端。 一个完全独立的memcached实例将会在内部使用,因此如果需要您可以设置一个不同的服务器池。session的 key被存储在前缀memc.sess.key.之下,因此, 如果你对session和通常的缓存使用了 同样的服务器池,请注意这一点。 译注:另外一个session和通常缓存分离的原因是当通常的缓存占满了memcached服务端后,可能会导致你的session被 从缓存中踢除,导致用户莫名的掉线。

session.save_handler string


session.save_path string

定义一个逗号分隔的hostname:port样式的session缓存服务器池,例如: "sess1:11211, sess2:11211".

add a note add a note

User Contributed Notes 12 notes

nfoo at naver dot com
11 years ago
If you want to use 'memcacheD' extention not 'memcache' (there are two diffrent extentions) for session control,  you should pay attention to modify php.ini

Most web resource from google is based on memcache because It's earlier version than memcacheD. They will say as following

session.save_handler = memcache
session.save_path = "tcp://localhost:11211"

But it's not valid when it comes to memcacheD

you should modify php.ini like that

session.save_handler = memcached
session.save_path = "localhost:11211"

Look, there is no protocol indentifier
Ian Maddox
7 years ago
If you are setting data to the session and it immediately disappears and you aren't getting any warnings in your PHP error log, it's probably because your sessions expired sometime in the 1970s.

Somewhere between memcached 1.0.2 and 2.1.0, the memcached session handler became sensitive to the 30-day TTL gotcha (aka "transparent failover").  If your session.gc_maxlifetime is greater than 2592000 (30 days), the value is treated as a unix timestamp instead of a relative seconds count.

This issue is likely to impact anyone with long-running sessions who is upgrading from Ubuntu 12.04 to 14.04.
richard at fussenegger dot info
8 years ago
The documentation is not complete, you can also pass the weight of each server and you can use sockets if you want. In your PHP ini:


// Sockets with weight in the format socket_path:port:weight
session.save_path = "/path/to/socket:0:42"

// Or more than one so that weight makes sense?
session.save_path = "/path/to/socket_x:0:42,/path/to/socket_y:0:666"


And if you should ever want to access these servers in PHP:


= explode(",", ini_get("session.save_path"));
$c = count($servers);
for (
$i = 0; $i < $c; ++$i) {
$servers[$i] = explode(":", $servers[$i]);
$memcached = new \Memcached();
call_user_func_array([ $memcached, "addServers" ], $servers);

Andrei Darashenka
12 years ago
This extension supports Session-locking!

by default
MEMC_SESS_LOCK_WAIT       100000
taubers at gmail dot com
9 years ago
If you are using the memcache class for session handling your key is the PHP session ID.  This is different than when using the  memcached class.

Example with memcache:
GET nphu2u8eo5niltfgdbc33ajb62

Example with memcached:
GET memc.sess.key.nphu2u8eo5niltfgdbc33ajb62

For memcached, the prefix is set in the config:
memcached.sess_prefix = "memc.sess.key."
madalin at mgiworx dot co dot uk
6 years ago
short mention: Memcached has authentication support.
benoit dot delmotte at gmail dot com
4 years ago
in case of multiples memcached servers,
the separator is a semicolon ( ; ) not a comma as written

session.save_path = "sess1:11211; sess2:11211"
atesin > gmail
1 year ago
moderator please merge these posts

an errata to my comment done on 2020-07-28 01:06 about tmpfs session dir...

the tmpfs directory i used to install session files is "/run" not "/tmp"...  as /tmp is auto (or manual) deleted sometimes
atesin > gmail
1 year ago
memcached is great, is lightning fast, very versatile and useful, scalable, and is a must have for many projects

but if you only want speed to minimize session file blocking there is also a good alternative, tmpfs

maybe if you are in debian you already had session directory in tmp (mounted as tmpfs), but beware of daily cleaning process that can mess up your sessions

you can use this trick if you are in centos/other (like me) or even if you are in debian but want to get ride of /tmp cleaning task

i realized in my system /run is also mounted as tmpfs, so i shut php-fpm down, moved my php session dir to /tmp/, reconfigure php and start again... (you can adapt it to your situation)

  systemctl stop php-fpm
  cp -a /var/lib/php/session /tmp/php-session
  vim /etc/php-fpm-d/www.conf
  php_value[session.save_path] = /run/php-session
  systemctl start php-fpm

the only drawback is tmpfs is VOLATILE, just like memcached (data is lost on unmount/shutdown/power fail), to  circumvent this risk i wrote another service that restores/backup php session dir before/after php starts/stops... (UNTESTED!)

  vim /etc/systemd/system/php-session-backup.service
  # basic persistence for tmpfs php sessions
  Description=PHP tmpfs sessions backup/restore on shutdown/boot
  ExecStart=rm -fr /run/php-session
  ExecStart=cp -fa /var/lib/php/session /run/php-session
  ExecStop=rm -fr /var/lib/php/session
  ExecStop=cp -fa /run/php-session /var/lib/php/session
  systemctl enable php-session-backup

you can also complement this with a daily backup task in case of system crash so you will lose just one day

  crontab -e
  0 4 * * * rm -fr /var/lib/php/session;cp -fa /run/php-session /var/lib/php/session

this is very rough though, you can better use inotify + rsync, could take some ideas from here
velazcomtz dot miguel at gmail dot com
2 years ago
Is important to address that memcached is not concurrent just as regular PHP sessions.

If you have two tabs and one of them takes too long to respond and try to log out on the second, the memcached server won't respond.
sstratton at php dot net
10 years ago
While the previous poster has a point that Memcached can and will cleanup to make room for it's keys, the likelihood of active sessions (due to the likelihood that they will be written to again within 30 seconds) is fairly low provided you have your memory allocation properly alloted.
me at nileshgr dot com
7 years ago
It seems a few people think saving sessions in memcache is more secure compared to saving in file-system (/tmp) especially when the discussion is about shared hosting.

This is not true. memcache has NO authentication; everybody & anybody can read session.save_path (which will contain the memcached daemon address).

FastCGI (PHP-FPM) is much much better when you're considering security and shared hosting.

If you want to share sessions across multiple servers transparently without having headaches of adding custom handlers, you can use NFS or something similar.
To Top