Which apache2/php5 config should I change if I don't want the session to die?

I'm logging my admin like this:

session_start();
$_SESSION['admin'] = TRUE;

When I login and stay inactive for like 10 minutes开发者_StackOverflow社区, then refresh, the session is dead and the admin is logged out.

What do I need to set either in htaccess or in the php file itself so that the session stays alive for at least 8 hours?

Create a file and put <?php phpinfo() ?> in it and check the output.

The value you want to look at is session.cookie_lifetime and session.gc_lifetime.

gc_maxlifetime specifies the number of seconds after which data will be seen as 'garbage' and potentially cleaned up. Garbage collection may occur during session start (depending on session.gc_probability and session.gc_divisor).

In your script that is responsible for starting the sessions, you can put ini_set('session.gc_maxlifetime', 3600); // set session data life to 1 hour or any other time that is suitable for your application.

In fact, you don't want to want the session don't die.

It's against session nature. A session is something what ends by definition.
Lasting admin session for the 8 hours makes no sense.

If you want to auto-renew it - use a cookie. But don't touch session mechanism itself.