The company that provides our web hosting had an issue last night resulting in all of our sites, including the blog, being down for several hours. I had to manually generate the Daily Feed this morning — cue more errors that need fixing. This will likely be the norm for the next couple of days.
A few weeks after launching (b)log-In I implemented PHP sessions as part of the revised authentication system and discovered that a custom session.gc_maxlifetime can be overridden by default settings unless you also specify a custom session.save_path.
What I didn't know until yesterday was that setting your own path stops garbage collection from removing dead session files after the maxlifetime — I discovered tens of thousands of session files.
I got bored of clearing them out so created a nightly cron job to delete any session files older than the maxlifetime value (1 day) which will help to keep things under control.