This is an old revision of the document!
Table of Contents
AIDE
aide is the tool used track the system files is changed or not, especiall for detect the system is hacked.
Install
sudo apt-get install aide
Init
If only run the init
aide --init
It will log error
Couldn't open file /var/lib/aide/please-dont-call-aide-without-parameters/aide.db.new for writing
So it need some parameters
aide -c /etc/aide/aide.conf --init
Then need to run the follwing command
sudo /etc/cron.daily/aide
Update the config
Check /etc/aide/aide.conf.d, it has lots of config files, I just update `31_aide_dokuwiki` to the correct path, and add the wordpress path. ``` /var/www/dokuwiki/wiki/data/cache/[0-9a-f]/[0-9a-f]{32}\.(feed|i|xhtml)$ VarFile /var/www/dokuwiki/wiki/data/(changes\.log|(index|word)\.idx)$ VarFile /var/www/dokuwiki/wiki/data/meta/([a-z]+\.indexed|_dokuwiki\.changes)$ VarFile /var/www/dokuwiki/wiki/data/meta$ VarDir /var/www/dokuwiki/wiki/data/pages/[a-z]+\.txt$ VarFile /var/www/dokuwiki/wiki/data/(attic|cache|locks|pages)$ VarDir /var/www/wordpress$ VarDir ```