Laravel is Designed to Run at the Domain Root Path
====

It must always run at `http://localhost/`. There is no room for debate.

Running it at a URL like `http://localhost/public/` is completely wrong.
The reason attacks attempting to read the `http://localhost/.env` file have been increasing over the past few years is because beginners who don't understand this accidentally expose their `.env` file.

1. Understand web servers before starting to use Laravel.
2. Laravel's `public` directory is the web server's document root. Do not expose anything outside of the `public` directory to the public.

This is the most basic of basics. It is extremely dangerous for those who do not understand this to use it incorrectly.