I know it's practically impossible to not allow a user to download an mp3 file with all the various methods out there. But I'm stuck in a situation where i need to make things slightly more private/secure for my customers.
Here's my problem, I'm currently using this flash mp3 player http://www.flabell.com/flash/Flash-Mp3-Player-29 to stream/play the songs. The player uses xml for settings & playlist. I'm also using WordPress & the S2Member plugin.
I'm trying to allow the player to play songs but yet do not allow users to download/opening the direct links to the files. (eg: songs are located at domain.com/player/songs/*.mp3, script is in a level up). Is there a htaccess method to deny direct access but yet allow (local) scripts to call the file?
Also, I mentioned about S2Member plugin for WordPress.
The WordPress plugin has a built in restriction to as where logged in users can download files that are hidden from open access. So in order to download a song, u'll have to use domain.com/s2script_download?file=mysong.mp3.
The folder that hosts the files has a .htaccess with a "Deny All" in it. Is it possible to reuse this folder to play/stream songs with the flash player mentioned above?