Deter direct access to files (mp3) but yet allow flash player to play songs (htaccess/php)


I know it's practically impossible to not allow a user to download an mp3 file with all the various methods out there. But I'm stuck in a situation where i need to make things slightly more private/secure for my customers.

Here's my problem, I'm currently using this flash mp3 player to stream/play the songs. The player uses xml for settings & playlist. I'm also using WordPress & the S2Member plugin.

I'm trying to allow the player to play songs but yet do not allow users to download/opening the direct links to the files. (eg: songs are located at*.mp3, script is in a level up). Is there a htaccess method to deny direct access but yet allow (local) scripts to call the file?

Also, I mentioned about S2Member plugin for WordPress.

The WordPress plugin has a built in restriction to as where logged in users can download files that are hidden from open access. So in order to download a song, u'll have to use

The folder that hosts the files has a .htaccess with a "Deny All" in it. Is it possible to reuse this folder to play/stream songs with the flash player mentioned above?

To the best of my knowledge this isn't possible. Yes, it's possible to deny access to the outside world, while allowing access to local scripts. But Flash isn't a local script. All things being equal, a Flash app requesting a file is no different than a browser requesting a file. You can't block one without blocking the other.

The only solution that even comes to my mind is having the Flash app request the file with a special query string, i.e. /somesong.mp3?fromflash. Off course that won't stop most people from getting the song, but it could stop some people.

This video can help you solving your question :)
By: admin