1

watch file to see whos accessing/writing it and log it

view story
linux-howto

http://serverfault.com – I am facing some malware problems on my webserver. I updated third party software such as Wordpress to the latest version, disabled root logins and my users password complex enough but still someone or something is changing my index.php files, adding some code that causes malware alerts on many visitor's browsers. Now as I'm not able to find out who or what is doing that, I think about watching one of the index.php files which are changed periodically so I can see who is accessing it. I would like to know what program and user is accessing it. Is there any possibility to do so? I checked in (HowTos)