TL;DR: Is there an easy way to monitor directories for new/changed/deleted files?
Details: A simple WordPress website on a virtual server got hacked. Nothing too serious. No important project / data and no real damage. It seems that some exploit was used to insert some code which made it possible to alter some existing files and create new ones.
This should obviously be avoided in the future. Besides the obvious steps (change all passwords, update all software, etc.) I thought about monitoring the web files for changes. Of course this would prevent a new attack but at least it could help to detect it faster. So, while this should certainly not be the only security measure, it could be a small part of overall security.
Most web files are static and do not change. Besides some log files, no new files are created and no existing files are removed during regular usage.
So, if any files are changed, removed or added, this could be due to an attack. Is there any existing tool to monitor this automatically?
It would be enough to create a list of all current files with their hash values and re-run this test at certain intervals. If any change is detected, a notification is sent.
Before re-inventing the wheel I wonder if there is already a tool out there, which does this job.
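
A minimal sketch of the hash-list approach described in the question, added here as an illustration and not part of the original post: it records a SHA-256 digest per file, then reports added, removed and changed paths on a later run. The function names, the excluded `logs` directory and the sample tree are assumptions constructed for the example.

```python
import hashlib
import json
import os
import tempfile

def snapshot(root, exclude=("logs",)):
    """Return {relative_path: sha256} for files under root, skipping top-level dirs in exclude."""
    digests = {}
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            if rel.split(os.sep)[0] in exclude:
                continue
            if os.path.islink(full):  # record the link target instead of following it
                digests[rel] = "symlink:" + os.readlink(full)
                continue
            with open(full, "rb") as f:
                digests[rel] = hashlib.sha256(f.read()).hexdigest()
    return digests

def compare(baseline, current):
    """Classify the differences between two snapshots."""
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "changed": sorted(p for p in baseline.keys() & current.keys()
                          if baseline[p] != current[p]),
    }

def demo():
    """Build a constructed sample tree, alter it, and return what a re-run detects."""
    with tempfile.TemporaryDirectory() as root:
        def write(rel, text):
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as f:
                f.write(text)
        for rel in ("index.php", "readme.html", "wp-content/theme.css", "logs/access.log"):
            write(rel, "original " + rel)
        baseline = snapshot(root)  # in practice, store this where the web user cannot write
        write("index.php", "original index.php plus an extra line")  # changed
        write("wp-content/uploads/new.php", "unexpected file")       # added
        os.remove(os.path.join(root, "readme.html"))                 # removed
        write("logs/access.log", "log grew")                         # excluded, ignored
        return compare(baseline, snapshot(root))

if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))  # a non-empty list is the trigger for a notification
```

The baseline is only trustworthy if code running as the web server cannot rewrite it, so keep it on another host or on read-only storage.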