7 July 2024

Emptying a File Without Deleting it

Working in IT, there will be a day when you will need to purge a file on one of your systems. As an administrator, managing file sizes and content is crucial for maintaining the system performance and stability you require. Regardless of what you call it – emptying, clearing, wiping, purging; There are various reasons why you might want to clear a file without actually deleting it:

  1. Log Management: Logs can grow excessively large, consuming valuable disk space. Clearing logs without deleting them ensures continuity in logging.
  2. Data Reset: Some applications might require periodic resets while keeping the file structure intact.
  3. Error Resolution: Clearing files with erroneous or corrupted data can be a quick way to restore normal operations without affecting the file’s existence or permissions.

Here are nine methods to empty a file from the command line:

  1. Using the truncate Command:
    The truncate command can be used to resize files. Setting the size to zero effectively clears the file.
   truncate -s 0 file.txt

This command is straightforward and efficient for emptying a file while preserving its metadata.

  1. Using the echo Command:
    The echo command can output an empty string to a file, thereby clearing its contents.
   echo -n > file.txt

The -n option ensures that no newline character is added, leaving the file empty.

  1. Using Vim Editor:
    Vim, a powerful text editor, can also be used to clear a file.
    Open the file with vim.
    In Vim, type the following command to delete all lines:
vim file.txt
:1,$d 

This command deletes all lines from the first to the last line in the file.

  1. Using the dd Command:
    The dd command is useful for low-level data manipulation and can clear a file by reading from /dev/null.
   dd if=/dev/null of=file.txt

This reads from /dev/null and writes to file.txt, making it empty.

  1. Using the cp Command with /dev/null:
    The cp command can replace the file’s contents with the empty contents of /dev/null.
   cp /dev/null file.txt

This is an efficient way to clear a file while maintaining its attributes.

  1. Using the > Operator:
    The simplest method involves using the redirection operator to truncate the file.
   > file.txt

This method is quick and commonly used for clearing file contents.

  1. Using the cat Command:
    By redirecting the contents of /dev/null to the file, you can clear its contents.
   cat /dev/null > file.txt

This is another straightforward method to empty a file.

  1. Using the : (Colon) Command:
    The colon (:) is a built-in shell command that does nothing but return a true exit status. When combined with the redirection operator, it can clear a file.
   : > file.txt

This command is both simple and efficient for emptying files.

  1. Using the sed Command:
    The sed command can delete all lines in a file.
   sed -i d file.txt

The -i option tells sed to edit the file in place, and the d command deletes all lines.

Conclusion

Emptying files without deleting them is a common administrative task in Linux. Each of these methods allows you to clear file contents while preserving the file itself, along with its permissions and ownership. Whether you are managing log files, resetting data, or addressing errors, these commands provide efficient ways to handle files without removing them. The choice of method simply depends on your specific needs and the tools you are comfortable with. Hopefully this helps you somewhere in your day-to-day linux administration.

1 April 2022

Bitnami Start or Stop Services

I found a great Bitnami Docs KB article describing how to check the status of, and stop/start/restart the services running on your Bitnami instance.

Each Bitnami stack includes a control script that lets you easily check the status of, stop, start and restart services.

These are the commands that you would use. If you use them as-is below it will perform the specified action against all the Bitnami services on your instance.

sudo /opt/bitnami/ctlscript.sh status
sudo /opt/bitnami/ctlscript.sh start
sudo /opt/bitnami/ctlscript.sh stop
sudo /opt/bitnami/ctlscript.sh restart

Or use any of the above against a single service that is running, such as Apache only, by passing the service’s name as an argument after the desired action, such as restart.

sudo /opt/bitnami/ctlscript.sh restart apache

The easiest way to learn the names of the services that are on your Bitnami instance is by simply checking all of their statuses with the status command as it returns the names of all the services on your instance.

sudo /opt/bitnami/ctlscript.sh status
13 November 2021

Adding a wildcard SSL certificate to your WordPress site

So this one threw me for a little bit of a loop when I was first trying to figure it out, even though it shouldn’t have. I was just overthinking it. There was plenty of documentation out there for adding a certificate to a single site, but there is not much when it comes to adding a wildcard certificate to a multi-site WordPress install. I guess that was where I had gotten confused. For reference, this was the specific KB article that helped me the most.

For folks that don’t know what I’m talking about, a multi-site install is one where you can host different WordPress sites on the same server. Meaning that site1.<yoursite>.com and site2 .<yoursite>.com could both reside on the same server even if they are about completely different content. Thus you would only have to cover the cost to host one server, instead of paying for two, one for each host. Yes, they do share some resources, so there are some possible drawbacks… But for most personal sites it should not really be an issue for a few sites to share the same host.

You will need OpenSSL installed on your machine before we continue. It’ll likely already be installed if you are using LInux. If it’s not installed please use your OS’s package manager to install it.

Generate a new private key:

sudo openssl genrsa -out /opt/bitnami/apache2/conf/server.key 2048

Use that key to create a certificate:
***IMPORTANT: Enter the server domain name when the below command asks for the “Common Name”.***

sudo openssl req -new -key /opt/bitnami/apache2/conf/server.key -out /opt/bitnami/apache2/conf/cert.csr

Send the cert.csr file to your Certificate Authority (CA). After they complete their validation checks, they will issue you your new certificate.

Download your certificates. You should have received two files, one was your new certificate and the other file is the CA’s certificate. Rename them as follows:

  • STAR_YourSite_com.crt –> server.crt
  • STAR_YourSite_com.ca-bundle –> server-ca.crt

Backup your private key after generating a password-protected version in the pem format.

sudo openssl rsa -des3 -in /opt/bitnami/apache2/conf/server.key -out privkey.pem

Note: To regenerate the key and remove the password protection, you can use this command:

sudo openssl rsa -in privkey.pem -out /opt/bitnami/apache2/conf/server.key

We’re almost done. Next you’ll open the Apache configuration file to verify it’s setup to use the certificates you just uploaded. The config file can be found at: /opt/bitnami/apache2/conf/bitnami/

Scroll down until you find “<VirtualHost _default_:443>” and verify that it is pointing to the correct certificate, key, and CA certificate bundle that you uploaded earlier. You should find the below lines, if you don’t, go ahead and add them.

SSLCertificateFile "/opt/bitnami/apache2/conf/server.crt"
SSLCertificateKeyFile "/opt/bitnami/apache2/conf/server.key"
SSLCACertificateFile "/opt/bitnami/apache2/conf/server-ca.crt"

Note: It’s easiest to use these default names and not a custom name for these files. If you use a custom name you might need to update that name in other spots of the Apache config file, and you’ll have to google that on your own. If your cert/key is using another name, I recommend just renaming them to the default names above that Apache uses.

After we have copied our files over and have verified that the Apache config file is correct, we are going to update the file persmissions on our certificate files. We will make them readable by the root user only with the following commands:

sudo chown root:root /opt/bitnami/apache2/conf/server*
sudo chmod 600 /opt/bitnami/apache2/conf/server*

Open port 443 in the server firewall. If you’re using Bitnami you can reference this KB.

Restart your server.

Once it comes up, you should now be able to connect to your site using HTTPS.


  • If you are looking for where to purchase an SSL certificate, check out SSLs.com. I use them for my projects. I’ve shopped around, and they have the best deals that I have found anywhere on the Internet.
23 April 2021

WordPress tweaks

(Updated 12/6/2021) Here are a few tweaks that I have found and use on my WordPress installs to harden them and improve security. This post is mostly for my own benefit – for when I have to stand up a new server and can’t recollect what I did to my current server/site…. That said, I hope it helps you too.


Please note: While these work for me… I can not guarantee they will work for you.
Please make a backup of your site before you make any changes. I’m not responsible for any changes you make.


  1. Follow my post about adding a SSL certificate to your site.

2. The one comes from the ReallySimpleSSL plugin. It’s a great plugin to use to migrate your site to SSL. Anyways, in one of their articles (link) they go over some settings to add to your site’s htaccess file. Please read their article, before adding the following lines so you understand what each is doing. (Just for reference, here is an article describing how the htaccess file works). If you are running bitnami, try look in “/opt/bitnami/apps/wordpress/conf”.

Header always set Strict-Transport-Security: "max-age=31536000" env=HTTPS
Header always set Content-Security-Policy "upgrade-insecure-requests"
Header always set X-Content-Type-Options "nosniff"
Header always set X-XSS-Protection "1; mode=block"
Header always set Expect-CT "max-age=7776000, enforce"
Header always set Referrer-Policy: "no-referrer-when-downgrade"

Another header that now needs to get added to your htaccess file is a “permissions-policy”, more info can be found here.

Header always set Permissions-Policy "geolocation=(); midi=(); notifications=(); push=(); sync-xhr=(); accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=(); usb=(); xr=(); speaker=(self); vibrate=(); fullscreen=(self);"  

After updating your htaccess file, restart your apache service using the command below,

sudo /opt/bitnami/ctlscript.sh restart apache

Then scan your site’s headers using SecurityHeaders.com to verify that you pass with an A+.

3. A backup/restore solution for your site. I use and recommend the plugin called UpdraftPlus.

4. A solution like WPS Hide Login to hide the normal login page. This will help reduce login attempts done by bots.

5. A firewall and malware scanner solution like Wordfence.

6. Run your site’s URL thru the Qualys SSL Server Test, and address any SSL shortcoming the server might have.

That’s it for now. I’ll try to update this post with more tweaks and hardening suggestions as I implement things.

25 March 2020

Bitnami – Set timezone

Having the correct timezone configured on your machine can save you a lot of “math headaches” when you try to comb through the machine’s event logs. It’s a pretty easy thing to configure in the overall scope of all things, yet it is one that is often over looked, even by veteran users. Never fear though… I will show you how you too can update your Bitnami instance to your preferred timezone.

Lets begin by logging in with ‘root’ priviledges to your Bitnami instance.
Once logged in, use the following command to see what timezone you are currently set to use.

date

As you can see in my example, I am currently set to the UTC timezone, also known as Universal Time.

To find our desired timezone and reconfigure this, we need to enter the following command.

sudo dpkg-reconfigure tzdata

Once you’ve entered the command above and hit ‘Enter’ it will launch a menu were we can find and select your desired timezone. I will changing my Bitnami instance to use the ‘Pacific\Honolulu’ timezone, also known as HST.

Once you click ‘OK’, the machine will show you that it has updated it’s clock to use your desired timezone.

You can further verify that your clock is set correctly by running the ‘date’ command again, just as we had at the beginning of this post.

date

Just like that, we have updated the timezone preference in Bitnami. It was simple to do just as i promised. No more “math headaches” for us when we read log timestamps!!!

NOTE: If you are just trying to update your timezone for WordPress that is running on Bitnami, then check out this post of mine: WordPress – Set Timezone

Category: AWS, Bitnami | LEAVE A COMMENT
30 November 2019

Bitnami – Disabling TLS v1.0 & v1.1

I was surprised when I ran the Qualys SSL Labs scan against my website that I got a lower score than I expected. The SSL Labs scan is a FREE deep analysis of the SSL configuration of your public facing website, that returns a score and grade of your server. It also provides some suggestions as to what you can do to improve your server’s score.

Well, it turns out there are two things that were hindering my score. One is easy to fix via a configuration change in Bitnamo, I’ll cover that in this article. The other isn’t necessarily hard, but it involves a DNS record known as a CAA, which I’m not going to cover in this article.

The quick easy fix was to change the versions of TLS that I allowed my server to use, by disabling the older versions of the TLS protocol, v1.0 and v1.1.

I used WinSCP to connect to my server, and went to the file. /opt/bitnami/apache2/conf/bitnami/bitnami.conf

Within the file you can set/remove the “SSL Protocol” directive. In my case, I set it to SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1

Once that change has been saved, all that’s left is to restart Apache. You can restart connecting over SSH to your server and issuing the following command sudo /opt/bitnami/ctlscript.sh restart apache

After you see Apache restart, go ahead and re-scan your website. I found that for my website, my score increased and thus my grade was better after disabling the older versions of TLS. Success!

11 November 2019

Removing the Bitnami bannner image

On a new install of WordPress on Bitnami, you’ll have a small little banner image displayed in the lower right corner of your webpage.

To remove it, you can find instructions in Bitnami’s online documentation. https://docs.bitnami.com/aws/how-to/bitnami-remove-banner/

To remove the banner link you can complete these steps:

  • Log in to into your server console using SSH and execute the following command. sudo /opt/bitnami/apps/wordpress/bnconfig --disable_banner 1
  • If you get the response: “command not found”. Try using this command instead and it should work. sudo /opt/bitnami/apps/wordpress/bnconfig.disabled --disable_banner 1
  • Restart the Web server.
    • If you’re using Apache, execute the command below: sudo /opt/bitnami/ctlscript.sh restart apache
Category: AWS, Bitnami | LEAVE A COMMENT