MVC public folder htaccess is not working

Question

I recently moved my index.php (the file that handles routing) and CSS, JavaScript, and font assets to a public/ folder. I only want items in this public/ folder to be accessible for security purposes. I ran into this problem when I realized I could visit mysite.com/composer.lock and view the composer lock file with my old .htaccess and folder setup.

Here is what I want

If I visit mysite.com/car/create, I want it to actually point to mysite.com/public/index.php?path=car/create

If I link to an asset such as mysite.com/css/style.css, I want it to really point to mysite.com/public/css/style.css

Here is my folder structure

Here is my .htaccess which is not working at all

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.+)$ public/index.php?path=$1 [L,QSA]
</IfModule>

How can I fix this? It just generates empty pages and I can still directly visit files in the root directory, etc.

Answer 1

Your existing directives specifically avoid rewriting requests for existing files, so it would still enable you to visit files in the root directory. It will also rewrite static resources to public/index.php?path=, which will presumably fail.

Try the following instead:

RewriteEngine On

# Stop processing if already in the /public directory
RewriteRule ^public/ - [L]

# Static resources if they exist
RewriteCond %{DOCUMENT_ROOT}/public/$1 -f
RewriteRule (.+) public/$1 [L]

# Route all other requests
RewriteRule (.*) public/index.php?path=$1 [L,QSA]