What are the best practices for setting session cookie lifetimes in PHP to optimize user experience and security?

Setting appropriate session cookie lifetimes in PHP is crucial for optimizing user experience and security. A shorter session cookie lifetime can enhance security by reducing the window of opportunity for attackers to hijack a session. However, too short of a lifetime can lead to a poor user experience with frequent logouts. It's important to strike a balance between security and usability by setting a reasonable session cookie lifetime.

// Set session cookie lifetime to 1 hour
ini_set('session.cookie_lifetime', 3600);

// Start the session
session_start();