Hi Everyone i have a doubt, why laravel allowing to read the env file via domain. For example, i rooted my domain to laravel application. whenever i hit my domain in the browser it will load the app right. But in case i hit mydomain.com/.env, it will return my env. I know we can hide it. But priorly it should be hidden. This will show our connectivity credentials.