Just to note, PHPIDS by itself does not prevent or protect against intrusion. It's an API for you to make your own application with. "The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to."1. if you're running a hosting a website, you can add modsecurity/php ids to it to prevent webbased hacking.
2. limit the services that you're supposed to run(if some services are only used once in a while, then turn it off and turn it on based on demand)
3. if certain services are only to be accessed by you, then limit it to a predefined set of ip for better security(like ssh)
However, "Never use old/outdated script/software/OS" -- provided that it doesn't breaks anything, so, always do a backup before upgrading