I have used the Laravel 5.1 php framework to build a web application on my local XAMPP server.

1. Which files or folders should be uploaded on my shared host server?
2. Should the .env file at root be uploaded?
3. In this case, if sensitive information such as database connection passwords are in this file, is there a security risk?

1. All project files should be uploaded under project root \var\www\project (project = all laravel project folder and files and \var\www\project\public is where your domain pointing. Storage should have write permission.

2. .env will be under project root and it is not available for public access.

3. .env won't be accessible for public, if it is then you have a configuration problem with you web server.

Move All the files on xyz(your folder name for which domain/subdomain is mapped) folder

Then follow these steps

1. Go to public folder

2. Copy .htacsses file

3. Paste it in xyz folder

4. Change server.php to index.php

5. Enjoy and happy coding

This is working fine with hostgator.in shared hosting.