christ1an just announced that PHPIDS has been released. This has been in development for quite a while, but the intention is to react (more like an IPS than an IDS) to potential attacks. From the site:
The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to.
If you are running any custom PHP programs, I’d suggest taking this for a spin. As it is a first public release there will no doubt be some issues, but with the community’s help, hopefully this will turn into more of a ubiquitous tool to stop attackers from exploiting PHP applications. Please provide feedback about it’s use. I’m sure it will become a valuable resource. Nice work by .mario, crist1an and Lars.