If the server your are on requires 777 permissions for Joomla to work correctly, then request to be put on another server with php as cgi and suphp and up-to-date serverside software (apache, php etc) on your existing host or find another server host if necessary.

To protect directories that seemed to need 777 permissions to run or as a default in your images/media folder try this code within a .htaccess file within the open folder.

# secure directory by disabling script execution
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
Options -ExecCGI

especially in your images folder

  • Make sure that is in a htaccess file in a directory that will not run any scripts or remove the extensions as required

Do check with your hosting provider to see if they have purposely secured the server your site is on; and that they or you perform regular (weekly) security updates to keep the server up to date. Check you have jail shell. A rule of thumb is the less you pay, the less they care