conf.d/vhost.conf

<IfModule>
    AddType text/html .shtml
    AddOutputFilter INCLUDES .shtml
</IfModule>
<VirtualHost *:80>
    ServerName www.xxx.cn
    ServerAdmin webmaster@gate
    DocumentRoot /var/www/html
    Header set Access-Control-Allow-Origin *
    Header set Access-Control-Allow-Credentials true
    Header set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept"
    DirectoryIndex index.php index.html
#    ErrorLog logs/error_log
#    CustomLog logs/access_log common
</VirtualHost>
<Directory "/var/www/html/">
    AddType text/html .ssi
    AddOutputFilterByType INCLUDES;DEFLATE text/html
    Options Includes FollowSymLinks IncludesNOEXEC
    AllowOverride  All
    Require all granted
</Directory>

/var/www/html/.htaccess

Options +FollowSymlinks
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(.+)$ /pingtai/admin/$1.php [L,QSA]

<Files ~ ".txt|.log|.zip|.gz|.sql|.tpl">
Order allow,deny
Deny from all
</Files>
 这样就可以防止日志、压缩包、模板等文件被下载了