I'm wondering, what good is php_value session.gc_maxlifetim? Why not just have a session expire upon not being accessed for x amount of time, then delete them...why keep them around for any longer with maxlifttime?
php_value session.cache_expire 25 <--- mins how long a session is alive
php_value session.gc_probability 20 <--- percentage of time old sessions are deleted
php_value session.gc_maxlifetime 1500 <-- sec how long an expired session is considered trash