You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The default PHP setup for session storage appears to cause problems in terms of session timeouts in some configurations, and the MISP project's recommendation appears to be to configure PHP to use Redis as the session store. This appears to be referenced in the documentation for the Session.defaults setting in MISP:
The recommended option is php and setting your PHP up to use redis sessions via your php.ini. Just add "session.save_path = 'tcp://localhost:6379'"
Also on this Gitter thread, the guidance is given in response to inquiry about unexpected timeout behavior:
@dspruell Other than the PHP ini, is there anything else that needs to change/be re-configured on the Redis side?
Since Redis is included, if not -- this should be a very small/easy change, with potentially a great benefit.
I have not tried it out, but it seems reasonable and logical.
That's all I think I've come across so far. One other thing I noticed was that the redis server appeared to be listening on 0.0.0.0 rather than 127.0.0.1. I think it may be a combination of these lines, and that this probably exposes it to remote hosts.
Things have been a bit "in limbo" from our side since covid in terms of teams/people available.
My plan is to re-build this whole project with Ubuntu 20.04 and using layers and many new/modern things. (much smaller end image, faster, easier to use, composer, etc)
The default PHP setup for session storage appears to cause problems in terms of session timeouts in some configurations, and the MISP project's recommendation appears to be to configure PHP to use Redis as the session store. This appears to be referenced in the documentation for the Session.defaults setting in MISP:
Also on this Gitter thread, the guidance is given in response to inquiry about unexpected timeout behavior:
https://gitter.im/MISP/Support?at=60495fe1d1aee44e2dda4b46
This appears to be missing from install documents today, but I'm asking about that. Could this change be made to the docker-misp image?
The text was updated successfully, but these errors were encountered: