Hello everyone, I am using a flash-based media player to stream some MP3's on my site. I want anyone to be able to listen to the MP3's using the media player, but I want to prevent them from directly downloading/saving the files by typing in the url where they are located. Does anyone have a solution? I tried password protecting the directory where the files are located, but then the media player asks for a password when you hit play. Thank you in advance if you can help.

I think you can achive something of interest with a .htaccess. Personally I don't know how to do this though.

I think you can redirect the page using redirect option in your cpanel. Anyone who visits that directory will be redirected somewhere else, meaning the contents cannot be seen.

Hello everyone, I am using a flash-based media player to stream some MP3's on my site. I want anyone to be able to listen to the MP3's using the media player, but I want to prevent them from directly downloading/saving the files by typing in the url where they are located.

The easiest solution I can see is this:

If you want to prevent them from knowing the filenames of the mp3's in your directory, just create an .htaccess file with the following line of instructions:


Options -Indexes


Once you have this in the directory containing your mp3's, anyone that types in http://yourdomain/mp3s/ isn't going to see the filenames of your mp3's. Instead they'll see the message:

Forbidden

You don't have permission to access /mp3s/ on this server.

They're not going to be able to see the names of the mp3 files if you use that.

There are other ways of doing this in htaccess, but this is the simplest way I can think of.

I'm no expert in ht.access but I'm glad I learnt something today!

Hello everyone, I am using a flash-based media player to stream some MP3's on my site. I want anyone to be able to listen to the MP3's using the media player, but I want to prevent them from directly downloading/saving the files by typing in the url where they are located. Does anyone have a solution? I tried password protecting the directory where the files are located, but then the media player asks for a password when you hit play. Thank you in advance if you can help.

Password protecting the directory is really the only way to do it. Since you are using a flash-based player, you may have to use ActionScript to input the username and password automatically. There should be a way to do this, though I'm not very good with ActionScript.

You can also try setting the permissions on the file 640. Again, not sure if that will work, but it's worth a try.

Kindest Regards,
Shadmego

How difficult do you want to make it? Ideally, a database-driven script can hash the filenames and retrieve them for the flash applet. This would make the files themselves meaningless to anyone who doesn't know what they are, yet make them fully functional when used with the flash applet.

I must be missing some thing I am running Flash MP3 player on my site and have created a directory for my MP3 files.. I have done nothing and I have tried to hank into my own site to test it and it does not allow me to see those files nevermind try to back door download them...

Can someone be more clear on the security risk that you are all talking about. If you prefer send me a private message here on the ways to test my mp3 directory.

Can someone be more clear on the security risk that you are all talking about.

I may be paranoid, but I was concerned that anyone who views the source code of the page will see that the media player runs off a playlist file, which contains the urls of the mp3's. So if someone wants to look at the source and do a little nosing around, they could locate the exact location of the mp3s and save them.

Thanks for all the suggestions. I am trying them out and will report back about what works.

If you use the .htaccess method they will not be able to get to your file even if they know the exact path to it.:cool: