I set up a Debian server and was befuddled for some time about why my .htaccess in the default server was not being obeyed. This was a Virtualmin install, but It turns out to have nothing to do with Virtualmin and everything to do with Debian's more-secure-by-default configuration.
To enable .htaccess processing in the default server, use your favorite text editor on /etc/apache2/sites-available/default (on some other distributions this may be /etc/apache2/sites-available/000-default ) and right at the top you will see:
Options Indexes FollowSymLinks MultiViews
allow from all
Change the two instances of
AllowOverride None to
...and all should be well.
With Webmin you can also go to Servers: Apache Webserver: Global Configuration: Edit Config Files; and select the sites-available/default for editing right in your browser.