參考資料:
https://www.cnblogs.com/20175211lyz/p/11741348.html
修改:/etc/apache2/文件夾下的apache2.conf文件
# Sets the default security model of the Apache2 HTTPD server. It does
# not allow access to the root filesystem outside of /usr/share and /var/www.
# The former is used by web applications packaged in Debian,
# the latter may be used for local directories served by the web server. If
# your system is serving content from a sub-directory in /srv you must allow
# access here, or in any related virtual host.
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride ALL # 默認應該是None,ALL表示/var/www/下所有文件接受.htaccess的重寫
Require all granted
</Directory>
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess # 分布式配置文件也不一定叫.htaccess,可以在這里自己設置
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<FilesMatch "^\.ht">
Require all denied # 防止.htaccess和.htpasswd被Web用戶看到
</FilesMatch>