If you're protecting a file from direct access, you can add some sort of gateway script which spits out the content without redirecting and exposing the URL.
To do that (using PHP in this example), send the following headers to the browser before displaying the content.
$filename = "files/path/something.zip";
$content = file_get_contents($filename);
header("Content-Disposition: attachment; filename=\"hello world.zip\"");
header("Content-Type: " . mime_content_type($filename));
header("Content-Length: " . strlen($content));
The headers are in the same format no matter what language you use, so it should be fairly simple to port it.
[ Source ]