Solution:
You can follow some steps like:
- Use random number with time stamp to save the file name.
- To prevent the folder from unauthorized access, disable directory listing using htaccess
- You can also deny all in htaccess so no one can access the folder
- Use plugin like Protect uploads to make more secure your upload folder, but they do the same things mentioned above.