You can use hashing.
For example, SHA1("222.exe" + "key") = hash
"key" is some string that only the server knows.
The client says it wants /name=222.exe&hash=hash. If the hash on the server matches what the client sent, then it can download the file.
By what rule to issue keys to clients is up to you. For example, if you "mix" a session cookie into it, then another user will not be able to download the file.

1. You can put the file so that it is not visible to the web server at all. And give the file a script, checking, as you like, authorization, rights, and so on. For example the following application structure:

/webroot/getfile.php
/storage/
/storage/file1.jpg
/storage/file2.jpg
/storage/file3.jpg

the web server knows only about /webroot/
, that is, the getfile.php file will be available at the url site.ru/getfile.php
and you will request the files you need at the url site.ry/getfile.php?file=file1.jpg
example of the script:
php. net/manual/en/function.readfile.php

<?php
$file = '../'.$_GET['file'];

if (file_exists($file)) {
    header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename='.basename($file));
    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Content-Length: ' . filesize($file));
    ob_clean();
    flush();
    readfile($file);
    exit;
}
?>

This variant is bad in that it overwhelms the server with unnecessary PHP downloads. There is a more memory-efficient way to give the file
2. Again, put the files inaccessible from outside the server, and generate symlinks on them with a very long and difficult-to-select name (for example, 250 random characters), temporary
Php script, when requesting site.ru/getfile. php?file=file1.jpg will create the required simling and return a redirect to it: site.ru/longlonglongname
The directory structure will be as follows

/webroot/getfile.php
/webroot/longlonglongname -> ../storage/file1.jpg
/storage/
/storage/file1.jpg
/storage/file2.jpg
/storage/file3.jpg

With this approach, PHP will not work directly when uploading a file, the file will be available from outside via a long, not randomly selected URL. After, for example, 3 hours, you need to remove the link

It is possible with a negative margin, but then you can catch incomprehensible spaces at the bottom. Try different ways. You can set translate to negative, you can set top to negative, while making both blocks relative and naturally set z-index for both, otherwise you will run into problems with browsers, some will display normally, and some will not (tested in very different conditions).
If the blue block has a fixed height, make it inside the black one and set it as it should be through absolute, and make a large padding for the black one, which will be the height to the very bottom of the blue one.

If nesting is not required

<div id="block_black"></div>
<div id="block_blue" style="width: 80%; margin: -100px auto 0 auto;"></div>

* if black is the website header, then background image and padding-top are best