I’m wondering what’s the best way to block acces to files which shouldn’t be public such as :
- .env
- config (directory)
- composer.json
- composer.lock
- Gemfile
- etc.
I could write something in my Capistrano recipe to manually delete the unnecessary files after the composer update task and automatically output the necessary .htaccess rules to block the .env and other config files…
But I assume that this logic is needed by anybody using Bedrock, so It must already be in there somewhere. Isn’t it?