RewriteEngine On

# Blokkeer gevoelige mappen (maar sta storage/uploads/ toe voor media)
RewriteRule ^(app|config|database|vendor)/ - [F,L]
RewriteCond %{REQUEST_URI} !^.*/storage/uploads/
RewriteRule ^storage/ - [F,L]

# Blokkeer gevoelige bestanden
RewriteRule \.(env|sql|sh|log|gitignore)$ - [F,L]

# Sta install.php direct toe
RewriteRule ^public/install\.php$ - [L]

# Sta statische bestanden in public/ toe
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI} -f
RewriteRule ^ - [L]

RewriteCond %{REQUEST_URI} ^(.*)/public/assets/ [NC]
RewriteRule ^public/(.*)$ public/$1 [L]

# Stuur alle overige requests naar root index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [QSA,L]
