Auto log out of SuiteCRM

Hi, We have an issue where one admin accounts get auto logged out when the page is idle for 15 seconds or so.
For example, I try to create a lead, in the time it takes to complete the fields, you click submit and the page says “You have been logged out because your session has expired.”

We have two admin accounts on our SuiteCRM and it seems that one does it more often than the other but it is a constant problem for both. Does anyone know how I can fix this?

Many thanks for your help.

You can start by checking if your server disk is full.

Then go in SuiteCRM, Admin / Diagnostics / phpinfo, and find out your session.save_path directory.

Then check if that directory is either

  • non-existent
  • full of thousands of files
  • non-writable

Hi, Thanks for your message and sorry for delayed response.

If by server disk you mean web server, I am sure it is not full.

I tried going to your location detailed above but I am not sure what to do. Can you please provide a more indepth explanation?

Please see screenshots below of where I went into:

Unselect all those check boxes except the one saying Output from phpinfo.

Click the button to download the zip, unzip it, then open the resulting HTML file in a browser, and check what it says about session.save_path

Find that directory on your server and examine it.

Thanks for the prompt reply.

There are two columns showing file location - would this be the local value?

Local Value= sessions/
Master Value= /opt/alt/php72/var/lib/php/session

If it is the following sessions/ folder I have 4 files in there which i have downloaded… but i am not sure what to do now.

Further so, my web host suggested to try the following:

Admin>System Settings>Advanced>Validate user IP address: TURN OFF

And it seems to have resolved the issue for now… it doesn’t seem to be logging out constantly.

Would you say this is a practical solution for the above?

If that workaround solves it, then I would say your problem is not related to session.save_path.

Check your values in config.php:

  • host_name
  • site_url

make sure they match your actual site address. I am not sure if this is related to that option you changed, but I am guessing it might…

I have checked the config.php and the details you mentioned are as follows:

'db_host_name' => 'localhost',


“I am not sure if this is related to that option you changed, but I am guessing it might…”
Do you mean the option I changed may have fixed this in the config.php?

After further testing, i do not get logged out after changing this setting:
Admin>System Settings>Advanced>Validate user IP address: TURN OFF

Note that db_host_name is not the same key as host_name.

Your work-around setting is used here:

which calls this function

Having seen that, I don’t think it is related to site_url or host_name. Sorry for misleading you.

Maybe that code can give you some clues about why you’re getting that error in the first place. But at this point I am running out of ideas.

We are having no issues at all since doing the following setting:
Admin>System Settings>Advanced>Validate user IP address: TURN OFF

Since changing this setting, it always stays logged in.

Would you say this a secure method and solution for my issue?

If so, I can’t see any reason to have to investigate any further and hopefully this helps some others that may encounter this issue in the future.

You’re turning off a security feature.

I’m not sure how risky this actually is in real-life, I’m not a security expert…