I want to restrict access to certain files. These are large 200 megabyte+ files. Therefore these two approaches are impractical:

1) redirecting to the files (I don't want others viewing them or hotlinking to them)

2) buffering the files with php (kill the webserver in a matter of minutes)

Suggestions?

Limit access to 1 IP per user using http mod.

Peace,

That would not prevent users from downloading content that I had not approved.

Use htaccess file user system (more like password protected directories).

Peace,

How would I allow a specific IP to access a file with htaccess?

You will most likely want to look into using X-Sendfile. Put the files behind some sort of auth scheme (PHP or BASIC AUTH), and then just send the X-Sendfile header along to your server (Apache/Lighttpd).

mod_xsendfile documentation (and example!) is here:
http://tn123.ath.cx/mod_xsendfile/

Is there a way to implement that in PHP without the mod?

http://blog.thinkphp.de/archives/136-Make-the-download-of-large-files-with-PHP-and-lighty-very-easy.html

you chould chmod it using your ftp,
right click on the folder where these files are and click properties, then it will say :
read write execute
owner (tick) (tick) (tick)
Group (tick) (tick)
owner (tick) (tick)

and make it look like :
read write execute
owner (tick) (tick) (tick)
Group
owner

and that should work

Keep the actual files in a location that's not web-accessible and use temporary symlinks to permit downloads.

ie. When an authenticated / authorized person clicks the download link, run a PHP script that:
1. creates a new symlink in a web-accessible location with a long, random name.
2. redirects the visitor to that new "file".

Then at intervals, delete old symlinks to prevent hotlinking / sharing.