# Security - Block access to entire application
<Files ~ "^\.">
    Order allow,deny
    Deny from all
</Files>

<FilesMatch "\.(php|ini|log|conf|config|md)$">
    Order allow,deny
    Deny from all
</FilesMatch>

# Block access to all application files
<IfModule mod_authz_core.c>
    Require all denied
</IfModule>

# Directory protection - Block all access
<Directory />
    Order allow,deny
    Deny from all
</Directory>

# Only allow access to public directory
<Directory "public">
    Order allow,deny
    Allow from all
    Require all granted
</Directory>

# Set default directory to public
DirectoryIndex public/index.php

# Redirect root to public directory
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    
    # Redirect root to public
    RewriteRule ^$ public/ [L]
    
    # Redirect all other requests to public
    RewriteCond %{REQUEST_URI} !^/public/
    RewriteRule ^(.*)$ public/$1 [L]
</IfModule>