    <IfModule mod_rewrite.c>
        RewriteEngine On

        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteRule ^ index.php [L]

        RewriteCond %{HTTP:Authorization} .
        RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    </IfModule>

    # Disable directory browsing
    Options -Indexes

    # Deny access to sensitive files and directories
    <FilesMatch "\.(env|log|ini|bak|sql|swp|zip|tar\.gz)$">
        Require all denied
    </FilesMatch>
    <Files ".env">
        Require all denied
    </Files>
    <Files "error_log">
        Require all denied
    </Files>
    RedirectMatch 403 /app/
    RedirectMatch 403 /vendor/ 
    