“That will tell AIDE to track changes to my web server folders, but ignore the logs folder and cache folders.”

and thats exactly why cache should be outside of webroot, and almost everything else as well (plugins etc.) because guess where the next backdoor script is going to be placed..

I host 9-10 wp blogs on a server, all running current. they have been hacked with 0day exploits 3 times in 6 months now. one of the blogs had so many pharma pages added to it that it was bringing the whole server to a crawl from the traffic.