Efficiency: Sessions vs. Cookies

I have a site that gets close to a million page views a day, and I want to have a variable that stores a simple yes/no as users go from page to page (no GET, POST, or Mysql) so I assume my options would either be sessions or cookies.

Since there’s so much traffic, I want to have the site to be as efficient as possible. Which would require less workload for the server? I know that sessions store IDs as a cookie, but is that accessed everytime the session is called?

Simple question:

Do you want the yes/no to be -secure-?

Nope, doesn’t matter

Then the general rule of thumb is that they’re interchangeable, the difference of course being the possibility of permanence/extended lifespan with cookies.

You arnt running this site over a cluster of servers, are you?

No, just on one server. Would simply setting them both up and timing how long each takes to access the value be a good way to gauge which is best?

You need to use a cookie to store the session identifier if you use a session.

If you use cookies, you have to remember that they get sent to/from the server on every page.
If you use sessions, the only thing that gets sent to/from the server is one cookie with the session id.

So, if you have more data in your cookies, that data will be sent to/from the server on every request, and the more cookies you have, the more data is sent to your server, slowing down each request.

On the other hand, your sessions get loaded to your scripts on every request (session_start()), so if your storing them on a hard drive, it could slow down the generation of your pages.

1mill page views per day is not that much, but if you want to optimize the site for better performance, you should look into a few other things:

  • put sessions in memory
  • cache your pages
    – try squid/whatever proxy for static content
    – use a cdn or some other server for your images
    – cache your static html blocks (includes/whatever) in memory
  • profile your app, see where the bottlenecks are
    (plus the standard, cache headers, gzip etc)

A normal php site usually has about 50 requests per sec, but if you cache stuff right, you can go to 500 without a problem (your probably using 20 at peak time, 11 on average).

Hope this helps.

I only have the need for a short string to be stored, so I guess since the cookie’s accessed every time regardless then I’ll go with that.

Thanks everyone!