The PHPFreaks.com website has posted a recent tutorial looking at a tool that can help you protect you and your web applications from possible malicious users - PHPIDS.
PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to. Based on a set of approved and heavily tested filter rules any attack is given a numerical impact rating which makes it easy to decide what kind of action should follow the hacking attempt.
They look at the installation of the tool, an example configuration (that sets up some logging and caching settings) and a PHP script to enable the functionality. Then you can use the auto_prepend Apache directive to load it on each page and protect your site quickly and easily.