WordPress Integrity: A simple intrusion detection

As I see so many scripts trying out wordpress vulnerabilities, it is just a matter of time until one bot will succeed. The only chance I see is to remove those unused themes and plugins, autoupdate wordpress and run weekly backups.

Another option is to monitor file integrity with this short php script

$cmd='find ./wordpress -type f -exec md5sum {} \;> ./hidden/wordpress.md5';
exec($cmd,$ret);
echo "<pre>"; print_r($ret); echo "</pre>";

Results can be seen with

$cmd='md5sum -c ./hidden/wordpress.md5 | grep -oh ".*FAILED.*"';