我以前读过一些文章，它工作得很好，但真的不知道是否安全

    a. Create new folder local.
    b. Move all project into the local folder expect public folder.
    c. Move all the content of public folder to project root.
    d. Delete the blank public folder
    f. Edit the index file. 

编辑index.php

require __DIR__.'/../bootstrap/autoload.php';
$app = require_once __DIR__.'/../bootstrap/app.php';

to

require __DIR__.'/local/bootstrap/autoload.php';
$app = require_once __DIR__.'/local/bootstrap/app.php';

对于拉拉维尔 5：

将Laravel根文件夹中的server.php重命名为index.php 从/public目录复制.htaccess文件到你的Laravel根目录 文件夹中。

就是这样!

与Laravel 5.5相关：

在第一次安装Laravel后，我遇到了著名的“公共文件夹问题”，我想出了这个解决方案，在我个人看来，它比我在网上找到的其他解决方案更“干净”。

成就

URI中没有公共词 保护.env文件，防止好奇的人

只要使用mod_rewrite和四个简单的规则编辑.htaccess，一切都可以完成。

步骤

移动.htaccess文件到public/。Htaccess在主根目录下 编辑如下

I commented everything, so it should be clear (I hope) also to those who have never used mod_rewrite (not that I'm an expert, all the opposite). Also, to understand the rules, it must be clear that, in Laravel, if Bill connects to https://example.com, https://example.com/index.php is loaded. This file just contains the command header("refresh: 5; https://example.com/public/"), which sends the request to https://example.com/public/index.php. This second index.php is responsible to load the controller and other stuff.

# IfModule prevents the server error if the app is moved in an environment which doesn’t support mod_rewrite
<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>

    RewriteEngine On

    # RULES ORIGINALLY IN public/.htaccess ---
    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} (.+)/$
    RewriteRule ^ %1 [L,R=301]

    # Handle Front Controller...
#    RewriteCond %{REQUEST_FILENAME} !-d
#    RewriteCond %{REQUEST_FILENAME} !-f
#    RewriteRule ^ index.php [L]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    # --- END

    # PERSONAL RULES ---
    # All the requests on port 80 are redirected on HTTPS
    RewriteCond %{SERVER_PORT} ^80$
    RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

    # When .env file is requested, server redirects to 404
    RewriteRule ^\.env$ - [R=404,L,NC]

    # If the REQUEST_URI is empty (means: http://example.com), it loads /public/index.php
    # N.B.: REQUEST_URI is *never* actually empty, it contains a slash that must be set as match as below
    # .* means: anything can go here at least 0 times (= accepts any sequence of characters, including an empty string)
    RewriteCond %{REQUEST_URI} ^/$
    RewriteRule ^(.*) /public/index.php [L]

    # If the current request is asking for a REQUEST_FILENAME that:
    # a) !== existent directory
    # b) !== existent file
    # => if URI !== css||js||images/whatever => server loads /public/index.php, which is responsible to load the app and the related controller
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule !^(css|js|images|media)/(.*)$ /public/index.php [L,NC]

    # If the current request is asking for a REQUEST_FILENAME that:
    # a) !== existent directory
    # b) !== existent file
    # => if URI == css||js||images[=$1]/whatever[=$2] => server loads the resource at public/$1/$2
    # If R flag is added, the server not only loads the resource at public/$1/$2 but redirects to it
    # e.g.: bamboo.jpg resides in example.com/public/media/bamboo.jpg
    #       Client asks for example.com/media/bamboo.jpg
    #       Without R flag: the URI remains example.com/media/bamboo.jpg and loads the image
    #       With R flag: the server redirects the client to example.com/public/media/bamboo.jpg and loads the image
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^(css|js|images|media)/(.*)$ /public/$1/$2 [L,NC]
    # --- END

</IfModule>

下面的规则(原来在public/.htaccess中)可以被删除。事实上，同样的规则在最后两条规则中以更详细的方式进行了显式说明。

# Handle Front Controller...
#    RewriteCond %{REQUEST_FILENAME} !-d
#    RewriteCond %{REQUEST_FILENAME} !-f
#    RewriteRule ^ index.php [L]

编辑:我错过了阿比纳夫·萨拉斯瓦特的解决方案，他的答案应该是公认的。只有一个简单而明确的规则，可以将所有流量重定向到公用文件夹，而无需修改任何文件。

1)我还没有找到L5中公共目录移动的工作方法。虽然可以修改bootstrap index.php中的一些内容，但似乎有几个辅助函数是基于公共目录存在的假设。总之，老实说，你真的不应该移动公共目录。

2)如果你使用MAMP，那么你应该为每个项目创建新的vhosts，每个服务于项目的公共目录。创建后，您可以通过定义的服务器名访问每个项目，如下所示:

http://project1.dev
http://project2.dev

我在这里尝试了一些解决方案，发现htaccess适用于laravel 5.2，像这样:

RewriteEngine On

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]



RewriteCond %{REQUEST_URI} !(\.css|\.js|\.png|\.jpg|\.gif|robots\.txt)$ [NC]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ server.php

RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !^/public/
RewriteRule ^(css|js|images)/(.*)$ public/$1/$2 [L,NC]
RewriteRule ^.env - [F,L,NC]
RewriteRule ^app - [F,L,NC]
RewriteRule ^bootstrap - [F,L,NC]
RewriteRule ^config - [F,L,NC]
RewriteRule ^database - [F,L,NC]
RewriteRule ^resources - [F,L,NC]
RewriteRule ^vendor - [F,L,NC]

当你有另一个文件或文件夹禁止只需添加

RewriteRule ^your_file - [F,L,NC]

我知道这个问题有很多解决方案。最好和最简单的解决方案是在根目录中添加.htaccess文件。

我尝试了我们为这个问题提供的答案，但我在Laravel中遇到了一些auth:api守卫的问题。

以下是最新的解决方案:

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>

    RewriteEngine On
    RewriteCond %{HTTP:Authorization} ^(.*)
    RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

    RewriteCond %{REQUEST_FILENAME} -d [OR]
    RewriteCond %{REQUEST_FILENAME} -f
    RewriteRule ^ ^$1 [N]

    RewriteCond %{REQUEST_URI} (\.\w+$) [NC]
    RewriteRule ^(.*)$ public/$1

    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ server.php
</IfModule>

在根目录中创建.htaccess文件并添加以下代码。一切都很顺利