What's the best way to lock down the upload folder

Howdy all,
Well during live beta testing someone decided to play a game of hackaroony with my site.

Basically, they added a file to the upload directory then a few days later activated it with added code to my .htaccess file. Turns out this happened to a few others around the interwebs at the same time too.

Anyways, just wondering how others lock down the uploads folder so scripts cant be executed in it.