好吧，我找到了解决方案！

Alright I found the solution!

解决这些问题需要根据您的需求从不同来源收集一些技巧。我一直在寻找一种方法来防止未经授权的用户访问与主服务器不同的文件服务器上的文件。 （主服务器正在授权用户）

Working on such problems needs some trick gathered from different sources based on your needs. I was looking for a way to prevent unauthorized users from accessing files on file server which is different from your main server. (the main server is authorizing users)

首先，我使用IIS规则阻止了包含敏感文件的 Url模式的所有传入请求。然后我为文件服务器编写了一些代码行来处理使用 IHttpHandler 接口的Http请求，以便1）检查授权规则和2）将确切文件发送给客户端而不将它们转换为字节数组。最后，我使用了此链接以美化链接到文件服务器！这就是所有人;）

First of all, I blocked ALL incoming requests containing the Url pattern of my sensitive files using IIS rules. Then I wrote some lines of code for file server to handle Http requests using IHttpHandler interface in order to 1) check authorization rules and 2) send exact files to clients without converting them to byte array. And lastly, I used This Link to prettify links to file server! That's all folks ;)

现在：

物理链接[已屏蔽] ： IP2 / MediaFiles / 2015/12 / image0001.jpg

虚拟链接： IP2 / Please / Find / A / File / By / DB / Id / 1 ---> image0001.jpg