the question is not related to Nextcloud application likely in more generic web hosting forum you get better advice. I don’t think you can prevent downloading public accessible files using deeplinks. Depending on the technique used you can try checking if there is REFERRER header or block loading your site as iframe. But in my eyes this will not address all use cases. AFAIK the only way to control who can access the files is creating password protected shares.