<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews -Indexes
    </IfModule>

    RewriteEngine On
    
    <FilesMatch "^\.">
    Order allow,deny
    Deny from all
    </FilesMatch>

    # BLOCK SENSITIVE FILES
    <FilesMatch "(^\.env|composer\.(json|lock)|package\.json|artisan|server\.php|webpack\.mix\.js|phpunit\.xml|README\.md|\.git)">
    Order allow,deny
    Deny from all
    </FilesMatch>

    RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
    RewriteRule ^(.*) - [E=BASE:%1]

    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%0]

    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f

    RewriteRule ^ index.php [L]
</IfModule>