Manual:$wgCookieExpiration

Cookies: $wgCookieExpiration
Number of seconds before HTTP cookies expire. You can override this for 'Keep me logged in (for up to $1 days)' cookies with $wgExtendedLoginCookieExpiration
Introduced in version:Before 1.1.0
Removed in version:Still in use
Allowed values:(integer)
Default value:1.18–: 30 * 86400
1.19–1.28: 180 * 86400 (r94430)
1.29+: 30 * 86400 (Gerrit change 321592)

Details

The default value is 30 days (30 * 86400 seconds). This means most MediaWiki cookies will last 30 days. This includes login/session cookies when the "Keep me logged in (for up to $1 days)" option is not set. When "Keep me logged in (for up to $1 days)" is set, $wgExtendedLoginCookieExpiration is used instead (although by default that settings falls back to $wgCookieExpiration).

When "Keep me logged in (for up to $1 days)" is not set, login expiry is also limited by $wgObjectCacheSessionExpiry (the session expires when there is no interaction for that time span).

MediaWiki version:
1.22

Since MediaWiki 1.22 setting this configuration variable to 0 makes cookies session-only. This was previously documented as working, but broken.

This is used by WebResponse::setcookie and mw.cookie.set, though an individual cookie can have a custom expiration.

See also