Best way to find the system and application folders above the web root in CI3?

One of the first things you notice about CodeIgniter 3 when you install it is that the index.php file is stored in the document root, meaning that when you eventually go to deploy your finished application on the server, someone who knows it's built on top of CodeIgniter can access any file stored beneath. Though I've yet to come across problems regarding the actual PHP source files, as each one is told to cancel execution if someone tries to access them directly.

So how do we solve this problem? The installation guide gives us a brief idea:

For the best security, both the system and any application folders should be placed above web root so that they are not directly accessible via a browser. By default, .htaccess files are included in each folder to help prevent direct access, but it is best to remove them from public access entirely in case the web server configuration changes or doesn’t abide by the .htaccess.

but that's not good enough. I want specifics. So I dig a bit deeper into the documentation and find this:

Another good security practice is to only leave your index.php and “assets” (e.g. .js, css and image files) under your server’s webroot directory (most commonly named “htdocs/”). These are the only files that you would need to be accessible from the web.

Again, that's some pretty vague wording. Sure, I did find some other people who touched on the same issue, but never any concrete examples. Specifically, I'm looking for what I should be replacing the $system_path and $application_folder variables with. Thank you.
Also, hi. This is my first post. There doesn't seem to be anywhere to introduce myself, so I thought I'd jump right in.