SELinux can help here. PHP applications should not be making outgoing network requests.
If SELinux is too difficult, iptables can filter away outgoing traffic as well. Not enough people put outgoing blocks on their firewalls.
A server farm / rack provider might also run IDS like Snort. See if you can get them to copy you on IDS alerts related to your IPs.
And for crying out loud, don't use your login password for your application's SQL account, helpfully listed in a plain text PHP include.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds