How can I prevent access to certain files on my website, even if somebody knows the location of these files, i.e.

My web server is apache and my system is linux.

I want to prevent direct access (typing in the URL and downloading the file), script access (I'm not sure if this is different from direct access or not, so hopefully someone can point this out to me) and any other type of security issue that you (the experts) might imagine that I need to be worried about here.

I am not looking for a 100% bulletproof solution because I know the answer is "if you don't want your files to be accessed, then don't put them online" but I just want to make sure that I can take every reasonable step necessary to make these files difficult for people to get their hands on.

Thanks for taking the time to read my post and hopefully you can help me out/point me in the direction of some apache security primer or something.