# Disable index view
Options -Indexes

RewriteEngine On

# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

# Deny all these files/folders
RedirectMatch 403 ^/.git/.*?$
RedirectMatch 403 ^/.travis/.*?$
RedirectMatch 403 ^/app/.*?$
RedirectMatch 403 ^/bootstrap/.*?$
RedirectMatch 403 ^/config/.*?$
RedirectMatch 403 ^/modules/.*?$
RedirectMatch 403 ^/node_modules/.*?$
RedirectMatch 403 ^/resources/.*?$
RedirectMatch 403 ^/storage/.*?$
RedirectMatch 403 ^/tests/.*?$
RedirectMatch 403 ^/vendor/.*?$
RedirectMatch 403 ^/.bowerrc$
RedirectMatch 403 ^/.env
RedirectMatch 403 ^/artisan$
RedirectMatch 403 ^/composer.json
RedirectMatch 403 ^/composer.lock
RedirectMatch 403 ^/composer.phar
RedirectMatch 403 ^/env.php.*?$
RedirectMatch 403 ^/env.php
RedirectMatch 403 ^/env.php$
RedirectMatch 403 ^/config.php$
RedirectMatch 403 ^/config.bak.php$
RedirectMatch 403 ^/Makefile
RedirectMatch 403 ^/package.json
RedirectMatch 403 ^/package-lock.json
RedirectMatch 403 ^/phpunit.xml
RedirectMatch 403 ^/webpack.mix.js
RedirectMatch 403 ^/yarn.lock

RewriteRule ^(.*)$ public/$1 [L]