Many people manage their websites with a concept called “out of sight, out of mind”. The premise of this concept supposes that if you cannot easily identify a vulnerability in your system, it is as if it does not exist. Therefore, there is no need to worry about it. The problem with this concept is that it fails to account for the possibility that one of those vulnerabilities may have already been exploited.
Just because a security problem with your website is not apparent does not mean that someone has not already found it and started exploiting it. Moreover, it is possible for them to use your site to attack other servers, send spam, or commit other cyber criminal acts without you even knowing.
One way to deal with these types of hidden threats is to use a file integrity checker. Essentially, a file integrity checker finds files that have been compromised by checking their pre-computed checksum against the database it has of each file on your system. When attacking a system, it is very difficult for hackers to not leave traces of their work by altering files. Think of these traces as fingerprints. When a file has been altered in an unusual way, the file integrity checker should detect it.
The key to making a file integrity checker work for you is making sure you understand your file system. When the system performs updates, some files may get altered, creating the possibility for false positives. This requires you to stay ahead of the process and update the database of the file integrity checker regularly. You should also make sure your system is clean before you begin so that compromised files are not added into the database from the start.