#disable directory browsing
Options -Indexes
RewriteEngine on
RewriteCond %{REQUEST_URI} !^public
RewriteRule ^(.*)$ public/$1 [L]

#PROTECT ENV FILE
<Files .env>
order allow,deny
Deny from all
</Files>

#PROTECT ENV FILE
<Files .htaccess>
order allow,deny
Deny from all
</Files>

<FilesMatch "(?i)^(?:(?!\.php$).)*$">
    <IfModule mod_headers.c>
        Header set Access-Control-Allow-Origin "*"
    </IfModule>
</FilesMatch>