This is an old post, but for video you might want to consider using MPEG-DASH to obfuscate your files. Plus, it will provide a better streaming experience for your users without the need for a separate streaming server. More info in this post: How to disable video/audio downloading in web pages?

If you want only authorised users to get the content, both the client and the server need to use encryption.

For video and audio, a good solution is Azure Media Services, which has content protection and encryption. You embed the Azure media player in your browser and it streams the video from Azure.

For documents and email, you can look at Azure Rights Management, which uses a special client. It doesn't currently work in ordinary web browsers, unfortunately, except for one-off, single-use codes.

I'm not sure exactly how secure all this is, however. As others have pointed out, from a security point of view, once those downloaded bytes are in the "attacker's" RAM, they're as good as gone. No solution is 100% secure in this case (please correct me if I'm wrong). As with most security, the goal is to make it harder, so the 99% don't bother.

Granted that any image the user can see will be able to be saved on the computer and there is nothing you can do about it. Now if you want to block access to other images that the user is not supposed to see, I am actually doing it that way:

• Every link is to the "src" in your image tag is in fact a request send to a controller on the server,
• the server checks the access rights of that specific user, and returns the image if the user is supposed to have access to it,
• all images are stored in a directory that is not directly accessible from the browser.

Benefit:

• The user will not have access to anything that you don't intent him/her to have access to

Drawback:

• Those requests are slow.. especially is there are lots of images on the same page. I haven't found a good way to accelerate that in fact..

As many have said, you can't stop someone from downloading content. You just can't.

But you can make it harder.

You can overlay images with a transparent div, which will prevent people from right clicking on them (or, setting the background of a div to the image will have the same effect).

If you're worried about cross-linking (ie, other people linking to your images, you can check the HTTP referrer and redirect requests which come from a domain which isn't yours to "something else".

As the browser needs to transfer the content to display it (text, images, videos), the data is already on the client's computer when the website is displayed. The previous answers give little advice on how to make it harder for non-experienced users to grab the content. Here are some directions:

• General
  • Overlay the respecitive contents with a transparent <DIV> or a transparent image (as described in some answers to this question)
  • Open the website in a frameset, so saving may miss the frame content.
  • Open the website via window.open() to hide the menu bar.
  • Disable right-clicks via JavaScript (not recommended due to all the side-effects on usability)
  • Load the page's HTML code from another file (which may check for a specific referer or which may be ROT13) via JavaScript, so it's harder to access the source code.
  • Tell the browser that all content is display:none for the printer (something like @media print { body, div, p { display: none } })
  • Use JavaScript to hide the content before a client makes a screenshot (see Stop User from using “Print Scrn”)
  • Try to disable or overwrite the clipboard (see this post)
• Images
  • Do not use the <img> tag for images but set the image as background for a <DIV>
  • Wrap images into SVGs or Flash movies to make them very hard to access in a usable format.
  • Disable caching for images (via <meta> tag or by setting the appropriate header on server delivery), so they are not stored in the browser cache (immeaditely accessible on the client's computer).
  • Cut an image into parts, so it takes some extra work to reconstruct the whole image
  • Add onmousedown events to images, e.g., display a copyright alert.
  • Deliver the image via server script (e.g., PHP) and check the referer.
• Videos
  • Stream videos to prevent simple downloading via URL.
  • Wrap videos into a Flash movie.
  • Use some nasty format that supports DRM.
• Texts
  • Make text unselectable (see How to make HTML Text unselectable)
  • Additionally to overlaying, wrap the text into JavaScript (e.g., after ROT13 or loaded dynamically from a second file), so the text is not directly available in the source code.
  • Convert texts to images (this may decrease display quality), SVGs or Flash

Again, I repeat that none of this will stop an experienced user from grabbing the content (e.g. by making a screenshop and - optionally - run OCR on it). Sometimes it's as easy as using the browser's developer tools or using the website without JavaScript. Yet, it will give inexperiences users a hard time, so they may look for some easier source to grab from.

Also keep in mind that the above techniques will affect search engines when reading the page's content (if you're interested in blocking them, start with a robots.txt).

Thank you for any other ideas to complement the above list!

you can reduce the possibility but not eliminate it...