Most of Linux distributions comes with Linux Auditing Technique that makes it feasible to track file changes.

It’s a useful functionality for sysadmins who need to know who and when  changed sensitive files like /etc/passwd, /etc/sudoers or PHP files.

In the following tutorial I will show you how to track changes on your PHP files:

1. Fist step is creating a MD5 file that corresponding with your PHP files from your website. (for example from /var/www/

We will find all php file from /var/www/ and we wll create a MD5 for every file and save that md5 file in /root

find /var/www/  -name “*.php”  | xargs md5sum > /root/md5-debian-tutorials

The file will look like this: Continue Reading…

Page 1 of 11