PHPIDS - PHP-Intrusion Detection System
If you want to detect and act on XSS probes and attacks against your PHP web application without much coding, here’s a project that delivers. It’s called PHPIDS. It’s an IDS for your PHP application that scans your inputs (without sanitizing them) and checks for XSS attacks based on a rule set. You can get an impact analysis of the attack and act on it according to its severity.
PHPIDS adds a layer of security over your application without having to retrofit code all over the place. It’s also a useful tool to create reports on attacks without having to parse through all the server access log files.
The scanning rules can be updated by replacing an XML file, much like a virus definition update.
Check their FAQs on how to integrate this with your application - it’s pretty simple. They’ve got a demo page where you can go test out the efficiency of the system.
PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to.

February 3rd, 2008 at 5:15 am
It’s a really useful tool. The fastest way to get to know that someone is trying to find some security holes. I remember this kind of automation from the video detector… where the cam is trying to detect if the captured situation is showing someone who tries to break in (there are patterns, like the XML file here)
http://www.opsdesign.at