I restarted apache,however the session does not expire!

why don't you use session_destroy()?

Remove all files within the temporary directory defined in php.ini.

For those who have:

session.save_handler = files

inside your php.ini file, that we believe you'll automatically, then session data is going to be saved in files. Therefore bouncing the server will not destroy them.

Things I ussually do when I am developing, I produce a page that unsets and destroys all periods. So each time I have to destoy the periods I run the script. eg. www.example.com/destroySession.php

destroySession.php consists of something similar to (only a good example)

session_start();
unset($_SESSION['name']); //If only one session variable is used
session_destroy();