Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

mvnobrega's avatar

how to block access to url with "public"

My website is accessible in both ways:

www.site.com/public/pt-br www.site.com/pt-br

But this is making google index my site and all pages in both ways.

I need to return error 404 for urls with "public" or redirect with 301 to the page without "public".

But all the information I find on the internet does not help me solve this. I really don't know how to get htaccess to solve this as I'm planning.

The htaccess of the laravel root looks like this:

<IfModule mime_module> 
AddHandler application/x-httpd-ea-php72 .php .php7 .phtml 
</IfModule>

# Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ / [L,R=301]

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/(?:\ Ballot169)?
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^ https://www.%1%{REQUEST_URI} [L,NE,R=301]  
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/(?:\ Ballot169)?
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^(.*)$ public/ [L]



# php -- BEGIN cPanel-generated handler, do not edit
# Defina o pacote “ea-php73” como a linguagem padrão de programação “PHP”.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php73 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit

and in the public folder like this:

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews -Indexes
    </IfModule>

    RewriteEngine On

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} (.+)/$
    RewriteRule ^ %1 [L,R=301]

    # Send Requests To Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]
</IfModule>

How do I solve this?

0 likes
4 replies
Snapey's avatar

fix it by hosting your site where the document root is the public folder - not by gymnastics in the .htaccess file.

Have you checked that your .env and log files are not accessible?

1 like
mvnobrega's avatar

I am not that experienced friend. The files on my laravel website are inside "public_html"

and laravel's "public" folder is inside it. So should I move the "public" folder to be on the same level as the "public_html"?

Or should I put the "public" files inside "public_html". And what remains of the laravel files to be placed in another folder?

mvnobrega's avatar

Thank you very much for the suggestions. I managed to solve. Hug :))

Please or to participate in this conversation.