Deployment of Laravel App on Apache server

I am new to programming so please bear with me.

We have a FileMaker solution that we have developed over the past 5 years, it does a lot for us but FileMaker has its limitations, that is why I started to learn PHP and fell in love with it because of Laravel, for some of the stuff FileMaker cannot do or does poorly I have now created a Laravel App that interacts via an API with FileMaker and helps it do all kinds of cool things.

The Laravel App I developed on my local MacBook using Laravel Valet, VSCode and Postman, all functionality works great in my local environment .

FileMaker server installs its own version of PHP and uses Apache, and anything that you put inside the /Library/FileMaker\ Server/HTTPServer/htdocs/ or /Library/FileMaker\ Server/HTTPServer/htdocs/httpsRoot/ will be accesible via the IP or URL of your FileMaker server, so in essence the httpsRoot/ directory is like the public_html of shared hosting.

My question is, I will put the App folder inside this directory as such httpsRoot/laravel, then I will change my httpd.conf and point the DocumentRoot to /htdocs/laravel/public

In my testing this works, but I want to make sure it is secure to do it this way and it all my confidential files such as .env will not be visible.

I plan to make a guide for how to do this here since there are a few more steps involved, but for now I will like to make sure I am doing this correctly as far as Laravel security goes.