For a CakePHP store application I need a cookie lifetime of 365 days. The app runs on a managed vServer with CentOS 7 and Plesk 18.0.30, PHP 7.3 FPM. The webserver is Apache with nginx as a reverse proxy.
It is about the function that one stores articles in the shopping cart as well as in the notepad for a certain time even if the browser is closed. We have the same CakePHP configuration on another server but it does not work on the server where Plesk is running.
Despite the settings at session.cookie_lifetime the sessions are deleted after exactly one week.
What am I missing in the configuration? Could it be related to Plesk?
Does anybody here have a tip where I could start
If the cookies are designed to be preserved across sessions. Then use application cookies. This will solve the problem.
It is a security breach to hold a session for few hours, not to say a week. The browser will invalidate the session, even if the page is open for few days.