RewriteEngine On
RewriteBase /

# Deny direct access to app/ and storage/ (if webroot accidentally misconfigured)
RewriteRule ^(app|sql|storage)/ - [F,L]

# Front Controller
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [QSA,L]
