head — Preview the Start of Files

Overview

head prints the beginning of a file—by default the first 10 lines. It’s useful for quick inspection of headers, file formats, configuration blocks, CSV columns, and the start of logs or generated output.

Tool Snapshot

• Core Function: Output the first part of files (lines or bytes).
• Primary Benefit: Safe preview without opening an editor or dumping the whole file.
• Where to Use: Configs (wp-config.php, Nginx vhost), CSV/data files, SQL dumps, logs, pipelines.
• Workflow: head [OPTION]... [FILE]... (or read from stdin).

System Check

which head        # Expected: /usr/bin/head
head --version    # Expected: GNU coreutils version output

Core Syntax

head [OPTION]... [FILE]...

If FILE is omitted, head reads from stdin, making it excellent for pipelines.

Options & Flags

Option	What it does	When you’d use it	Example
:-	:-	:-	:
(none)	First 10 lines	Quick preview	head file.txt
-n N	First N lines	More/less context	head -n 50 error.log
-n -N	All but last N lines	Strip trailers/footers	head -n -5 file.txt
-c N	First N bytes	Inspect prefixes / magic headers	head -c 64 file
-q	Quiet (no headers)	Multiple files, clean output	head -q a b
-v	Always show headers	Multi-file clarity	head -v a b
--help	Help	Reference	head --help

Byte mode can be messy

head -c on binary files can print unreadable characters to your terminal. If you need binary inspection, consider piping through xxd.

Common Patterns

Configs (VPS/WordPress)

head -n 60 /var/www/html/wp-config.php

head -n 80 /etc/nginx/sites-available/default

head -n 40 /etc/hosts

Logs (Safe Sampling)

head -n 50 /var/log/nginx/error.log

head -n 20 /var/log/nginx/access.log

head -n 100 /var/www/html/wp-content/debug.log

Pipelines & Sampling Output

ps aux | head -n 10

journalctl -u nginx --no-pager | head -n 50

grep -R "DB_NAME" /var/www/html 2>/dev/null | head -n 5

Bytes & File Headers

head -c 64 /bin/ls | xxd

head -c 200 backup.sql

head -c 32 image.jpg | xxd

Multiple Files

head -n 10 /var/log/nginx/access.log /var/log/nginx/error.log

head -v -n 5 file1.txt file2.txt

Best Practices

• Start with head before opening/editing:

  head -n 50 file

• When sampling noisy output, combine with filters:

  grep -i "error" /var/log/nginx/error.log | head -n 20

• When you need line numbers for a snippet:

  head -n 60 file | cat -n

• Use -v to avoid confusion when previewing multiple files:

  head -v -n 10 a.log b.log

• Use -n -N to remove footers/trailers in generated files (advanced):

  head -n -1 file.txt

head vs tail — which should I use?

• Use head to inspect file beginnings (headers, shebangs, config top blocks).
• Use tail to inspect file endings (recent logs, latest appended lines).
• For live monitoring, tail -F is typically the best choice.

Troubleshooting

Problem	Likely Cause	Fix
:	:--	:-
“Permission denied”	File requires elevated access	Use sudo head ...
Output looks garbled	File is binary or contains non-printing chars	Use `head -c ...	xxdor usecat -A` for text
Too little context	Default is only 10 lines	Use -n 50 or -n 200
Multiple files look mixed	No headers shown	Use -v to show file headers
Command output too long	Sampling not limited	Pipe into head -n N

Avoid leaking secrets

Config files (e.g., wp-config.php) may contain credentials and keys. Don’t paste full outputs into tickets/chats without redaction.

Cheat Sheet

head file.txt                 # First 10 lines
head -n 50 file.txt           # First 50 lines
head -n -5 file.txt           # All but last 5 lines
head -c 64 file               # First 64 bytes
head -v -n 10 a b             # Show headers for multiple files
ps aux | head -n 10           # Sample command output
head -n 60 file | cat -n      # Preview with line numbers

Mini Quiz

1. What does head file.txt output by default?
2. How do you show the first 100 lines of a file?
3. What does head -n -5 file.txt do?
4. How do you safely inspect the first 64 bytes of a binary?
5. How do you preview the first 40 lines of wp-config.php with line numbers?

Show answers

1. The first 10 lines.
2. head -n 100 file.txt
3. Prints everything except the last 5 lines.
4. head -c 64 file | xxd
5. head -n 40 /var/www/html/wp-config.php | cat -n

Worked Examples

About expected output

Actual file contents vary by server. Outputs below are representative.

1) Preview the start of WordPress config

head -n 30 /var/www/html/wp-config.php

Expected output (sample):

<?php
define( 'DB_NAME', 'wordpress' );
define( 'DB_USER', 'wpuser' );
define( 'DB_PASSWORD', '********' );
define( 'DB_HOST', 'localhost' );
...

Use case: Confirm the config file starts correctly and is not corrupted.

2) Preview Nginx site config header

head -n 60 /etc/nginx/sites-available/default

Expected output: (first 60 lines of the vhost config) Use case: Validate server block structure.

3) Sample Nginx access log (first 10 lines)

head /var/log/nginx/access.log

Expected output (sample):

192.168.0.10 - - [17/Feb/2026:10:40:01 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0"
192.168.0.11 - - [17/Feb/2026:10:40:02 +0000] "GET /wp-login.php HTTP/1.1" 200 2440 "-" "Mozilla/5.0"
...

Use case: Confirm log format and fields.

4) Sample error lines only (grep + head)

grep -i "error" /var/log/nginx/error.log | head -n 10

Expected output (sample):

2026/02/17 11:02:44 [error] 1234#1234: *1401 upstream timed out (110: Connection timed out) while reading response header from upstream

Use case: Fast error sampling without dumping the whole log.

5) Preview with line numbers (useful for sharing snippets)

head -n 40 /etc/hosts | cat -n

Expected output (sample):

     1  127.0.0.1   localhost
     2  127.0.1.1   my-vps
     3  ::1         localhost ip6-localhost ip6-loopback

Use case: Share a referenced snippet in a ticket/chat.

6) Sample process list safely

ps aux | head -n 5

Expected output (sample):

USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.1 169340  9300 ?        Ss   10:00   0:02 /sbin/init
www-data  1234  0.1  1.2 523456 48200 ?        S    10:01   0:10 php-fpm: pool www
...

Use case: Quick snapshot without scrolling.

7) Inspect a binary header safely (bytes + hex)

head -c 64 /bin/ls | xxd

Expected output (sample):

00000000: 7f45 4c46 0201 0100 0000 0000 0000 0000  .ELF............
00000010: 0300 3e00 0100 0000 4010 0000 0000 0000  ..>.....@.......
...

Use case: Confirm file type signature (ELF, etc.).

8) Remove a footer/trailer (advanced preview)

head -n -2 report.txt

Expected output: (prints everything except the last 2 lines) Use case: Strip trailing summary lines in generated output (for further processing).