Go Premium for a chance to win a PS4. Enter to Win


Session Timeout in Classic ASP

Posted on 2010-09-12
Medium Priority
Last Modified: 2012-05-10
Hello experts.

I am trying to increase the time on my forms pages so that folks have time to fill it all out and not get logged out when the session expires.  I am using Classic ASP, MySQL, VBScript on Godaddy's shared hosting on a II7 server.

I have tried both the methods but as none of them are working, I guess I am doing something wrong.

Method 1:        

<% Session.Timeout = 60 %>

Open in new window

Method 2:      My web.config file has the following code:

        <httpErrors errorMode="Detailed" />
        <asp scriptErrorSentToBrowser="true"/>
        <customErrors mode="Off"/>
        <compilation debug="true"/>
	<sessionState timeout="60" mode="InProc"  /> 

Open in new window

But none of these two methods are working as the pages are timing out after about 20 minutes.

Any help will be greatly appreciated.

Question by:driven13
  • 4
  • 3
  • 2
  • +4
LVL 31

Expert Comment

by:Wayne Barron
ID: 33659878
Not sure if it will work on IIS7 or not.
But I use this at the top of my pages

Session.Timeout = 60

That will be 60 minutes.

You can give it a shot and see if it works?

LVL 31

Expert Comment

by:Wayne Barron
ID: 33659879
Should have sleep before I posted.

Sorry about that....
You have already tried it...

Expert Comment

ID: 33659888
you can try it in the IIS setup itself?? not sure if u will hav access..
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 31

Expert Comment

by:Wayne Barron
ID: 33659891
This might be interesting reading for you here

Good Luck

Expert Comment

ID: 33659948

Change the following time-outs in Internet Services Manager .Choose a value greater than the default of 20.
1. Select Default Web Site > Properties > Home Directory > Application Settings > Configuration > Options.
2. Enable the session state time-out and set the Session timeout for 60 minutes.
3. Select Application Pools > DefaultAppPool > Properties.
4. From the Performance tab under Idle timeout, set Shutdown worker processes after being idle for a value higher than 20.

The default session time-out setting on IIS is 20 minutes but it can be increased to a maximum of 24 hours or 1440 minutes. See Microsoft article Q233477 for details about increasing the timeout in IIS.


When returning to the logon page for Web Interface, users often encounter an Error: Your session with the web-server expired. You have been logged out.

Web Interface 2.0 picks up the session timeout setting from IIS.

Author Comment

ID: 33659955

As per my original post:

"...Godaddy's shared hosting on a II7 server."
Cannot access any of that on a shared hosting.

Expert Comment

ID: 33659978
then update this post to Godaddy support, Only they can help you from server side. This is an issue from server side, They have to mange the IIS/Application pool settings in IIS6.0 / IIS7.0 or 7.5

Author Comment

ID: 33660006
This is not a server side issue even though this can be solved on the server.

My reason for posting here is to find a solution using session variables and scripting.  As I have noted the two methods have been used for the longest time.

Thanx for your input but I think I will wait and see if there are any other solutions to my problems from other folks.

LVL 31

Expert Comment

by:Wayne Barron
ID: 33660166
You might want to read this
http://forums.aspfree.com/asp-development-5/sessions-on-godaddy-180003.html and check out post 5 - 7
Unless you have a dedicated server, then your sessions do not and will not last long.

There has been several people come across EE that I ask this exact question, and they have ended up going with a cookie based solution as GoDaddy will not work with you unless you have a dedicated server with them.

Good Luck, and I hope that you do find a solution in scripting, but I do not think that you will.
BUT, you might.,


Author Comment

ID: 33663823

I read your article when you posted it the first time.  It is a three-year old article.  And I am HOPING someone has figured out solution in the last three years.

Thanx for your input but I am going to wait and see if someone has any other thoughts on this.

Expert Comment

by:Abiel de Groot
ID: 33664895

A while back IIS configuration of base values were store in the Server METAbase file.

Shared hosting would have max limits set not only for Session timeout but even max upload sizes. IIS7 has evolved since MEATAbase days, however, for sure the principal still exists. Individual users can manipulate server resources only within given parameters.

LVL 20

Accepted Solution

Michel Sakr earned 2000 total points
ID: 33665628
Hi driven13

The session timeout on Godaddy shared server is set to 20 minutes and cannot be ovverriden (obvious in order to preserve resources)

Check this confirmation from them on their support forum:


your next option would be to use AJAX in your pages in order to keep the session alive:


Hope this helps

Expert Comment

ID: 33672871
ajax route. its probably your only real option. have ajax calla  page every 10 min or so to be safe.

Expert Comment

by:Abiel de Groot
ID: 33673010
Remember, there are real reasons for limiting Session times. If you have large number of users you could experience slow server responses etc.


Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This demonstration started out as a follow up to some recently posted questions on the subject of logging in: http://www.experts-exchange.com/Programming/Languages/Scripting/JavaScript/Q_28634665.html and http://www.experts-exchange.com/Programming/…
When you see single cell contains number and text, and you have to get any date out of it seems like cracking our heads.
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Suggested Courses

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question