using htaccess to prevent downloading

         

3ddreamer

3:35 pm on Nov 3, 2008 (gmt 0)




Can anyone please help me do this:
I want to protect a folder full of video files (Flash video that streams on my website) so no one can download it whatever he does, but I still want it to be viewed inside my website and stream normally.

How can I achieve this with an htaccess file, or whatever it requires?

jdMorgan

4:41 pm on Nov 3, 2008 (gmt 0)




Understand that in order to 'view' anything on your site, the browser 'downloads' it, and very likely caches it as well. So what you're asking is impossible in a strict sense.

Also, if you are streaming this content, then methods which work for regular Web pages and objects included on those pages may not work, or may have to be tailored to work with the 'streamer' software on the server.

For protecting content against casual theft by hotlinking, a simple referrer-based solution is often used. However, referrer-based anti-hotlinking code must leave a 'hole' that allows clients to access the content without sending a referrer. This is because not all clients send an HTTP referrer header, some people run 'internet security software' which blocks the referrer header, and some clients connect through corporate and ISP caching proxies, which do not send a referrer header. Therefore, in order to avoid having your site 'broken' when a referrer is not received from the client, blank referrers must be allowed. So this method only works against very 'casual' abuse, and only stops about 75% of it.

The next step up is to rename the files periodically -- say once a day. You can actually just rename the "directory" path without renaming all the files. However there is a problem, in that someone who is viewing a page on your site that was produced just before the filepaths to the media files were changed will get an error if he clicks one of those links, because the links his browser 'sees' are now obsolete. So you must manage page and object caching very carefully, and allow (through the use of mod_rewrite or scripting) requests from links on just-recently-outdated pages to still work.

Another method is to rewrite all media file requests to a script, which takes the object name (such as "mymovie-1.flv") as a query string parameter. The page with links to your media objects would also need to set a cookie. The script checks for that cookie, and if present, "includes" the named media file and sends it to the client. If the cookie is missing or outdated, the visitor can be asked to log in (or log in again). The cache-control expiry time for the media files themselves must be short for this to work properly -- they must be marked to expire sooner than or at the same time as the cookie.

But again, this method is not 100% reliable either, because cookies can be faked.

So unfortunately, there is no 100%-effective solution.

Jim
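The cookie-gated script described in the post above, as an added example that is not part of the thread or any poster's code. It shows only the decision logic: the file name from the query string is restricted to a bare `.flv` name, the cookie must be current, and the media cache lifetime never outlives the cookie. Signing the cookie with an HMAC, the `/login` path, and all names and constants are assumptions made for illustration.

```python
import hashlib
import hmac
import re
import time

SECRET = b"constructed-demo-key"   # assumption: server-side secret, never sent to clients
COOKIE_TTL = 600                   # assumption: cookie lifetime in seconds
# Bare file names only: no slashes or leading dots, so "../" cannot leave the media folder.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*\.flv")

def _mac(payload):
    return hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()

def issue_cookie(user, now=None):
    """Value the page carrying the media links would set: user|expiry|HMAC."""
    expiry = int(time.time() if now is None else now) + COOKIE_TTL
    payload = f"{user}|{expiry}"
    return f"{payload}|{_mac(payload)}"

def cookie_seconds_left(cookie, now=None):
    """Remaining lifetime in seconds; 0 if the cookie is missing, altered or outdated."""
    now = int(time.time() if now is None else now)
    try:
        user, expiry, mac = cookie.split("|")
        if not hmac.compare_digest(mac, _mac(f"{user}|{expiry}")):
            return 0               # value was edited or invented by the client
        return max(0, int(expiry) - now)
    except (AttributeError, TypeError, ValueError):
        return 0                   # no cookie, or not in the expected shape

def gate(name, cookie, now=None):
    """What the script answers for ?name=<file>: (status, headers)."""
    if not SAFE_NAME.fullmatch(name or ""):
        return 400, {}
    left = cookie_seconds_left(cookie, now)
    if left == 0:
        return 302, {"Location": "/login"}   # hypothetical login page
    # Media expires no later than the cookie, as the post requires.
    return 200, {"Content-Type": "video/x-flv",
                 "Cache-Control": f"private, max-age={left}"}
```

The signature only stops a client from inventing or extending a cookie; a valid cookie copied from a logged-in browser is still accepted until it expires.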

wilderness

7:03 pm on Nov 3, 2008 (gmt 0)




That guy JD on most days is chasing his tail in so many directions that it's impossible for Jim to recall all the excellent examples he's provided in the past ;)

Aside from Jim's extensive explanation, this old thread [webmasterworld.com] provides a "possible" implementation. ADVISE you read the entire thread.

Samizdata

7:52 pm on Nov 3, 2008 (gmt 0)




Even if there was a 100% effective method to stop "downloading", the fact remains that if the video appears in somebody's browser then they can record it with screen capture software.

So while you might use the methods outlined above to thwart the automated or uninformed (and I use some of them myself) you need to fully understand their limitations to avoid disappointment.

Where there's a will - in this case at least - there's a way.

...

3ddreamer

9:15 pm on Nov 3, 2008 (gmt 0)




Yes, I understand what Jim said, it was so helpful, yet I'm not a programmer, which makes me ask a lot. I know that you can make a small trick by referring any user who tries to download to other files or pages; this is such a great method and I know Jim mentioned it in the reply above, but because I'm not a programmer, what kind of code should I use to make that trick?

Suppose my videos are in website/streaming/videos/
and I wanted to prevent that folder by the trick. I haven't mentioned that my videos are for paying subscribers, which makes me 100% in need of a solution.