In terms of security (or other issues), what are the general recommendations / rules of thumb re PHP session length. A client with an Ecommerce website requested a 3day session length.
There are no general rule of thumb for this, depends on application build. For example:
- For bank website: 15/30 Seconds might be appropriate
- For a simple CMS application: 15 minutes long session is good enough.