Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

Massive session files

  • blocka
  • blocka's Avatar Topic Author
  • Offline
  • Platinum Member
  • Platinum Member
More
1 year 2 months ago #239317 by blocka
Massive session files was created by blocka
Please help us help you and fill where relevant:
Your LimeSurvey version: 3.28.42 221213
Own server or LimeSurvey hosting: Own
Survey theme/template: Default
==================
We have a survey with a lot of questions, and it appears we also have bots that have found the survey URL and are generating 30-50meg session files each time they hit the survey URL. We enabled the captcha feature, but it looks like that is displayed after the session file is created. At one point today, we hit 100 Gigs worth of session files -- which is not sustainable...

Is there a way to prevent the session from being created until after the captcha has been completed correctly?

Or any other work arounds one can suggestion to resolve this issue?

Please Log in to join the conversation.

More
1 year 2 months ago #239327 by jelo
Replied by jelo on topic Massive session files

Is there a way to prevent the session from being created until after the captcha has been completed correctly?
 
The session concept of LimeSurvey is broken and will stay broken in terms of filesize and concept. A session file is created when a client access the survey URL.
And when having a long survey you often extend the session duration which let the amount of space used by the session files grow even more.

Changing the session handler to a database will not change the usage of storagespace used might help to scale out.



 

The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users

Please Log in to join the conversation.

  • blocka
  • blocka's Avatar Topic Author
  • Offline
  • Platinum Member
  • Platinum Member
More
1 year 2 months ago #239355 by blocka
Replied by blocka on topic Massive session files
The best solution I could find was to set phi.ini to save session files to the user account folder, and then run a script every 15 minutes to delete session files older than one hour.
The one hour was determined by exporting responses and looking at the start/submit datetime for responses, and from there assessing the longest time it took someone to complete their response (max was 15 minutes).
I suppose there is a risk that I could be killing sessions for real people, but these would be significant outliers, since no valid response took longer than 15 minutes from start to finish. 

Please Log in to join the conversation.

Lime-years ahead

Online-surveys for every purse and purpose