# To prevent access to .env and other files

RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteCond %{THE_REQUEST} /public/([^\s?]*) [NC]
    RewriteRule ^ %1 [L,NE,R=302]
    RewriteRule ^((?!public/).*)$ public/$1 [L,NC]
<Files .*>
# Apache 2.2
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
# Apache 2.4
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
</Files>

