Laravel 4: how to protect assets folder?
You should set up your application so that everything outside of the initial public directory is outside of your document root. That's one of the reasons why Laravel actually ships with a public directory. Typically most people will symlink this directory to the document root. Anything inside public is, obviously, public. If you'd like your assets directory to be inaccessible you could opt to use htaccess or an index.html file much like how you've described.
If, for whatever reason, you need to shuffle some things around and have your actual application files within your document root then you'll need to implement some form of security if you see the need. This, again, could either be using htaccess or an index.html file. Typically a htaccess approach is simpler. If you wanted to protect the app directory you could drop a .htaccess file in there that looked something like this.
deny from all
I have provided a similar answer to this type of question here: Laravel image gallery logic
In principle - you should store all your assets outside of public - and use PHP readfile() to securely serve them to users as required.