Stop Using File-Based Sessions: How to Scale PHP with Redis 2.6 on CoolVDS
If you are running a high-traffic Magento store or a custom PHP application on standard shared hosting, you have likely hit The Wall. You know the one: your CPU load is low, your RAM is free, but your site is hanging for 5-10 seconds per page load. You blame the database. You blame the network. But you are looking in the wrong place.
The bottleneck is your hard drive. Specifically, how PHP handles sessions by default.
In this guide, we are going to fix this permanently by moving your session storage to memory using the newly stable Redis 2.6. We will cover the exact configuration you need to deploy on a CoolVDS KVM instance to handle thousands of concurrent users without breaking a sweat.
The Silent Killer: session_start() Locking
By default, PHP saves session data to the disk, usually in /var/lib/php/session. This works fine for your personal blog. It is catastrophic for e-commerce.
When a user hits your site, PHP calls session_start(). This function locks the session file on the disk using flock(). If that user opens three tabs—or if an AJAX request fires while the main page is loading—the subsequent requests must wait until the first one finishes and releases the lock.
Now, imagine 500 concurrent users on a server with a spinning 7200 RPM SAS drive (or even a cheap SATA SSD). The I/O wait (iowait) spikes. Your web server worker processes (Apache or PHP-FPM) pile up, waiting for the disk. Your site dies. Not because you ran out of processing power, but because your file system couldn't keep up with the locking overhead.
The Solution: Redis 2.6 (In-Memory Performance)
Redis (Remote Dictionary Server) is an advanced key-value store. Unlike Memcached, Redis handles persistence, meaning your users won't get logged out if you restart the service (if configured correctly). With the release of Redis 2.6 in October 2012, we now have a stable, production-ready platform that supports Lua scripting and better memory management.
Step 1: Get the Right Hardware
Do not try this on a cheap OpenVZ container. You need guaranteed memory and dedicated kernel resources to tune the TCP stack properly. CoolVDS offers pure KVM virtualization with dedicated RAM allocation. For production, I recommend our Enterprise SSD tier. While Redis is in-memory, the persistence logs (AOF/RDB) need fast disk writes to ensure durability without stalling the event loop.
Step 2: Installing Redis and the PHP Extension
On a CentOS 6.3 system (standard for enterprise), the repositories are often outdated. We will use the EPEL repository and PECL to ensure we aren't stuck with ancient software.
# Install EPEL repository
rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# Install Redis server
yum install redis
# Start Redis and set to start on boot
chkconfig redis on
service redis start
# Install PHP development tools needed for compiling extensions
yum install php-devel pcre-devel gcc make
# Install the phpredis extension via PECL
pecl install redis
Once compiled, you need to enable the extension. Create a new file at /etc/php.d/redis.ini:
; Enable Redis extension
extension=redis.so
Step 3: Configuring PHP to Use Redis
Now we tell PHP to stop using the file system. Open your php.ini (usually /etc/php.ini) or your pool configuration in /etc/php-fpm.d/www.conf.
You need to change two directives. We are using the TCP protocol to connect to the local instance.
[Session]
; Use redis as the save handler
session.save_handler = redis
; Point to your local Redis instance
; We use a weight of 1, and a timeout of 2.5 seconds
session.save_path = "tcp://127.0.0.1:6379?weight=1&timeout=2.5"
Restart your web server:
service httpd restart
# OR if you are using Nginx + PHP-FPM
service php-fpm restart
Pro Tip: Persistence vs. Speed
Out of the box, Redis might be configured to save the database to disk every second, or only after many changes. For sessions, you have a trade-off. If the server crashes, do you care if users lose their shopping carts?
Configuration Advice: For a balance of speed and safety, use RDB snapshots. Open /etc/redis.conf and verify these lines:
save 900 1 (Save after 900 sec if 1 key changed)
save 300 10 (Save after 300 sec if 10 keys changed)
save 60 10000 (Save after 60 sec if 10,000 keys changed)
If you are paranoid about data loss, enable AOF (Append Only File), but be warned: on high-write systems, this increases disk I/O. On CoolVDS KVM instances backed by Enterprise SSDs, the I/O penalty is negligible, but on standard spinning rust, AOF can slow you down.
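A check for the Step 3 settings and the RDB advice above, as an added example that is not part of the original guide: it reads a php.ini and a redis.conf and confirms that sessions go to Redis on a loopback address and that snapshot rules are present. The function names, the sample files and the `bind` check (which the guide does not cover) are assumptions added here; it parses php.ini syntax only.

```sh
#!/bin/sh
# Added example, not from the original guide: audit the settings it configures.

# Print the value of a php.ini directive (last uncommented occurrence wins).
ini_get() {  # $1=file  $2=directive as a regex
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        tail -n 1 | tr -d '"\r' | sed 's/[[:space:]]*$//'
}

# Succeed only if sessions are stored in Redis over TCP on a loopback address.
check_php_sessions() {  # $1=php.ini
    handler=$(ini_get "$1" 'session\.save_handler')
    path=$(ini_get "$1" 'session\.save_path')
    [ "$handler" = redis ] || { echo "save_handler is '$handler', not redis" >&2; return 1; }
    host=${path#tcp://}; host=${host%%[/?:]*}
    case "$host" in
        127.*|localhost) return 0 ;;
        *) echo "save_path '$path' is not loopback TCP" >&2; return 1 ;;
    esac
}

# Print each RDB snapshot rule in a redis.conf as "seconds:changes".
rdb_rules() {  # $1=redis.conf
    awk '$1 == "save" && NF == 3 { print $2 ":" $3 }' "$1"
}

# Succeed only if Redis listens on loopback and has at least one RDB rule.
check_redis_conf() {  # $1=redis.conf
    binds=$(awk '$1 == "bind" { for (i = 2; i <= NF; i++) print $i }' "$1")
    [ -n "$binds" ] || { echo "no bind line: Redis 2.6 listens on every interface" >&2; return 1; }
    for addr in $binds; do
        case "$addr" in 127.*) ;; *) echo "bind $addr is not loopback" >&2; return 1 ;; esac
    done
    [ -n "$(rdb_rules "$1")" ] || { echo "no save rules: RDB snapshots are off" >&2; return 1; }
}

# Constructed sample files matching the guide's settings (not real server files).
demo=$(mktemp -d)
cat > "$demo/php.ini" <<'EOF'
[Session]
;session.save_handler = files
session.save_handler = redis
session.save_path = "tcp://127.0.0.1:6379?weight=1&timeout=2.5"
EOF
printf 'bind 127.0.0.1\nsave 900 1\nsave 300 10\nsave 60 10000\n' > "$demo/redis.conf"

check_php_sessions "$demo/php.ini" && echo "php.ini: sessions go to local Redis"
check_redis_conf "$demo/redis.conf" && echo "redis.conf: loopback only, RDB on"
rm -rf "$demo"
```

On a server, pass the real files instead of the samples, for example `check_php_sessions /etc/php.ini` and `check_redis_conf /etc/redis.conf`.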