I have folders on a site which is 777. It is used to upload files using web form and files are stored in it. But due to 777 someone is using the folder to upload phishing pages. Due to which i am getting notices from my host again and again.

I tried to change permission so that public cannot write but then the php won't upload the file and gives error.

What to do ? Help me!