Huge number of php session files after phpmyadmin installation


I have Virtualmin with Nginx in Ubuntu 18.04.3
I installed phpmyadmin in a user account and after installation there are thaousand of php session files (sess_*) created in /home/user/tmp directory.
Most of these files are empty, but some of them have a string like “PMA_token |s:16:“nrX`,!h;vWgzhRAb”;errors|a:0:{}”
I can understand that it has something to do with phpmyadmin.
I removed phpmyadmin, but the files keep getting created.
Any help hiw to eliminate this ?

Thank you

I have the same issue with php 7.2 and php 7.3.

Both are running as PHP-FPM.

Thank you

I think this happens wherever a site has users logging in, and hence sessions. That would be PHPMyAdmin but also any other site with logged in users, such as Wordpress sites. I recently found 17,000+ session files in one WP site that is quite heavily used, and thats with Apache so it has nothing to do with nginx either.

Once I was sure what these files were, I installed a cron job to delete any session files over a month old. I think PHP should expire them automatically, but it wasn’t doing a very good job of it. If someone knows a better way, I’m listening.

I have same problem.
I don’t know how it came. Maybe it’s because of some plugins or not?
But it’s not sure. If finding a solution and disturbing, please tell. thank you very much.

It’s quite simple to delete them with a cron job.
I created a file in /etc/cron/daily with these contents:

#expire session files more than a week old in /home/*/tmp

find /home//tmp/ -ctime +7 -type f -name "sess" | xargs rm

Adapted from a suggestion I saw posted on another forum, and modified from what I’m actually running now because I’m no longer using Virtualmin and the session files are on a different path. So check code before using!

The +7 sets a file age of 1 week: that can be changed to any number of days you like.
On one busy Wordpress site I have 17000 files even now; I’ve checked and they are all under a week old.