real-time site protection for SQL injection?


I think a lot of sites have problems because SQL injection,
and then be downloaded problem files to the account,
I want to ask if there is a better way to protect these people?

because the security rules of some software are not good,
and many times block the normal connection,
and make sure that the visitor's IP is blocked.