I like the web js flow that makes payment easy (so that indie devs can focus on building the main app logic), but it seems that if someone quickly deploys, the .env file is exposed. Please include a default .htaccess that protects the env file
.htaccess
# Disable index view
Options -Indexes
# Hide a specific file
<Files .env>
Order allow,deny
Deny from all
</Files>
I like the web js flow that makes payment easy (so that indie devs can focus on building the main app logic), but it seems that if someone quickly deploys, the .env file is exposed. Please include a default .htaccess that protects the env file
.htaccess