How can I securely put music on my website?

Question

I mean, I want to share an audio file without letting users to download it.

Here are my tries :

• When I do <audio src="myAudio.mp3" />, it may be kept in the browser cache.
• When I do <audio src="myAudio.mp3?12345" />, my file is not cached but users can extract its path in the source code, that means they can download it easily.
• I thought about adding DRM to it but it seems there are tools to remove that.
• I tried to find jQuery library for that but none of them does what I want.

Is it possible ? If so, how ?

Answer 1

It's possible using Amazon S3 (similar to the way Soundcloud does it) to generate secure mp3 links for use in your HTML5 player. You generate a secure mp3 on S3 that is valid for a very short time (seconds or minutes), there by prevent someone from copying and sharing the link. You will need to generate the link dynamically using SDK/API.

See example of how to use PHP to generate secure links.

Answer 2

Add a .httacess function to block users from downloading files in a path or a whole entire folder. You can also make a password for files also so they wont be able to be deleted without a password

This goes in your .htacess file

RewriteEngine On
# you can add whatever extensions you want routed to your php script
RewriteCond %{REQUEST_URI} \.(mp3|wav|oss)$ [NC]
RewriteRule ^(.*)$ /download-file.php?filename=$1 [L]

The last RewriteRule change the download-file.php to your actually php or html file with the download.

Answer 3

The correct answer is that, if you allow your users to listen to the music, they will, by definition, be able to record said music. There is a very clear distinction between security, which you are requesting, and obfuscation, which you actually want.