Piggy – it’s similar, but AIDE goes further.

First of all, AIDE has a database of file checksums. It runs md5 and various other checksum algorithms on the files you list, and uses that checksum to figure out what files have changed. The plugin above simply checks the file modification time which can be easily spoofed using touch().

Second, AIDE has to be run as root (well, you could install it in a home directory as an ordinary user too, but I digress) which offers some protection against the database being compromised by the webserver user. Even if a PHP application recorded md5 checksums of all its files, you could never trust the database because it would have to be owned by the webserver and therefore at risk of being modified by a hacker.

That said, if you can’t install AIDE, then you should use a plugin like that. It would be really nice if it emailed the administrator once every 24 hours with a list of changed files.
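Added example, not part of the comment above and not AIDE's or the plugin's code: a small Python sketch comparing a modification-time check with a checksum check on a constructed two-file tree. The file names, the `snapshot`/`changed` helpers and the use of SHA-256 are assumptions made for the illustration.

```python
import hashlib
import os
import tempfile

def sha256_of(path):
    """Hash a file in chunks so large files do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def snapshot(root):
    """Map relative path -> (mtime_ns, sha256) for every file under root.
    In real use this baseline must live where the webserver user cannot write."""
    db = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            p = os.path.join(dirpath, name)
            db[os.path.relpath(p, root)] = (os.stat(p).st_mtime_ns, sha256_of(p))
    return db

def changed(baseline, current, field):
    """field 0 compares mtimes, field 1 compares checksums.
    Files added or removed since the baseline are reported by both."""
    missing = (None, None)
    return sorted(p for p in set(baseline) | set(current)
                  if baseline.get(p, missing)[field] != current.get(p, missing)[field])

def demo():
    with tempfile.TemporaryDirectory() as root:
        # Constructed sample tree.
        files = {"index.php": b"<?php echo 'home';",
                 "config.php": b"<?php $debug = false;"}
        for name, body in files.items():
            with open(os.path.join(root, name), "wb") as f:
                f.write(body)
        baseline = snapshot(root)

        # Content changes, then the recorded timestamps are written back.
        target = os.path.join(root, "config.php")
        st = os.stat(target)
        with open(target, "wb") as f:
            f.write(b"<?php $debug = true; ")
        os.utime(target, ns=(st.st_atime_ns, st.st_mtime_ns))

        current = snapshot(root)
        return changed(baseline, current, 0), changed(baseline, current, 1)

if __name__ == "__main__":
    by_mtime, by_hash = demo()
    print("flagged by mtime:   ", by_mtime)
    print("flagged by checksum:", by_hash)
```

The mtime comparison reports nothing while the checksum comparison flags `config.php`; the result is only as trustworthy as the stored baseline.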