aide is the tool used track the system files is changed or not, especiall for detect the system is hacked.

sudo apt-get install aide

If only run the init

aide --init

It will log error

Couldn't open file /var/lib/aide/please-dont-call-aide-without-parameters/aide.db.new for writing

So it need some parameters

aide -c /etc/aide/aide.conf --init

Then need to run the follwing command

sudo /etc/cron.daily/aide

Check /etc/aide/aide.conf.d, it has lots of config files, I just update `31_aide_dokuwiki` to the correct path, and add the wordpress path. ``` /var/www/dokuwiki/wiki/data/cache/[0-9a-f]/[0-9a-f]{32}\.(feed|i|xhtml)$ VarFile /var/www/dokuwiki/wiki/data/(changes\.log|(index|word)\.idx)$ VarFile /var/www/dokuwiki/wiki/data/meta/([a-z]+\.indexed|_dokuwiki\.changes)$ VarFile /var/www/dokuwiki/wiki/data/meta$ VarDir /var/www/dokuwiki/wiki/data/pages/[a-z]+\.txt$ VarFile /var/www/dokuwiki/wiki/data/(attic|cache|locks|pages)$ VarDir /var/www/wordpress$ VarDir ```

1. https://www.iamle.com/archives/1664.html