@@ -153,6 +153,8 @@ Configuration
153153 * `name `_
154154 * `save_path `_
155155 * `storage_id `_
156+ * `sid_length `_
157+ * `sid_bits_per_character `_
156158
157159* `templating `_
158160
@@ -899,6 +901,31 @@ This determines the number of seconds after which data will be seen as "garbage"
899901and potentially cleaned up. Garbage collection may occur during session
900902start and depends on `gc_divisor `_ and `gc_probability `_.
901903
904+ sid_length
905+ ..........
906+
907+ **type **: ``integer ``
908+
909+ This determines the length of session ID string. Session ID length can be
910+ between 22 to 256. The default is 32. If you need compatibility you may
911+ specify 32, 40, etc. Longer session ID is harder to guess. At least 32 chars
912+ is recommended.
913+
914+ This option refers to the`session.sid_length` of the `php.ini `
915+
916+ sid_bits_per_character
917+ ......................
918+
919+ **type **: ``integer ``
920+
921+ This determines the number of bits in encoded session ID character.
922+ The possible values are '4' (0-9, a-f), '5' (0-9, a-v), and '6'
923+ (0-9, a-z, A-Z, "-", ",").
924+ The default is 4. The more bits results in stronger session ID.
925+ 5 is recommended value for most environments.
926+
927+ This option refers to the`session.sid_bits_per_character` of the `php.ini `
928+
902929save_path
903930.........
904931
