Create real folder in root, (could be in subfolder of root if you don't use index page)
In properties for the folder > Permissions, only check Uploads "Anyone". Nothing for Access
or Delete.In Flags, check Browsable and No download. In tab Diff template put
{.redirect|/LOCATION/WHERE YOUR LINK IS/PAGE.html.}
Put a link to the folder used for blind up load like <a href="/YOUR FOLDER NAME/~upload">Your Folder Name</a>
some where on a page where your users can get to it without logging in, or it could be added as a Link available after log in.
You can also add this folder a second time to your secure path as in my first post, for remote admin access.
Note that I use my own template and 2.3 Beta. I don't know how this would set up in any others.
As usual, there is more than one way to do this, and it depends on how your server, vfs and
tpl is configured as to what works best for you.
I tested Mars solution and, of course it works here. Difference is, mine calls original template
upload form.