Alias /panel /srv/www/html/panel

<Directory /srv/www/html/panel>

  # panel php-fpm worker
  <FilesMatch ".+\.ph(p[3457]?|t|tml)$">
    SetHandler "proxy:unix:/run/php/php-fpm-vpanel.sock|fcgi://localhost"
  </FilesMatch>

  # Enable rewrite engine
  RewriteEngine On

  # force https
  RewriteCond %{HTTPS} off
  RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

  # Some servers require you to specify the `RewriteBase` directive
  # In such cases, it should be the path (relative to the document root)
  # containing the index file
  RewriteBase /panel

  # return 404 Not Found (effectively blocking access) to:
  # classes/
  # config/
  # f3/
  # tmp/
  # all hidden files and dirs (anything beginning with a .)
  RewriteRule ^(classes|config|f3|tmp)\/|^\.|^/\. - [R=404]

  # Route requests to the framework
  RewriteCond %{REQUEST_FILENAME} !-l
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule .* index.php [L,QSA]
  RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]

</Directory>

# deny direct access to html (template) files
<Directory /srv/www/html/panel/ui>
  <FilesMatch "\.(htm|html)$">
    Deny from all
  </FilesMatch>
</Directory>