# Disable index view Options -Indexes RewriteEngine On # Handle Authorization Header RewriteCond %{HTTP:Authorization} . RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] # Deny all these files/folders RedirectMatch 403 ^/.git/.*?$ RedirectMatch 403 ^/.travis/.*?$ RedirectMatch 403 ^/app/.*?$ RedirectMatch 403 ^/bootstrap/.*?$ RedirectMatch 403 ^/config/.*?$ RedirectMatch 403 ^/modules/.*?$ RedirectMatch 403 ^/node_modules/.*?$ RedirectMatch 403 ^/resources/.*?$ RedirectMatch 403 ^/storage/.*?$ RedirectMatch 403 ^/tests/.*?$ RedirectMatch 403 ^/vendor/.*?$ RedirectMatch 403 ^/.bowerrc$ RedirectMatch 403 ^/.env RedirectMatch 403 ^/artisan$ RedirectMatch 403 ^/composer.json RedirectMatch 403 ^/composer.lock RedirectMatch 403 ^/composer.phar RedirectMatch 403 ^/env.php.*?$ RedirectMatch 403 ^/env.php RedirectMatch 403 ^/env.php$ RedirectMatch 403 ^/Makefile RedirectMatch 403 ^/package.json RedirectMatch 403 ^/package-lock.json RedirectMatch 403 ^/phpunit.xml RedirectMatch 403 ^/webpack.mix.js RedirectMatch 403 ^/yarn.lock RewriteRule ^(.*)$ public/$1 [L]