When the file Web.config is updated by Advanced Installer, and the option to create a backup file is enabled (recommended), the file Web.config.back is created. Or web.config.1.back if it is already present.
A webserver ignores requests for files with the ".config" extension, but requests for files with the extension ".back" are NOT ingnored. This imposes a security risk, because the config file "Web.config.back" will be visible to our users.
Please can you change the way a backup copy is created, so the extension remains the same. E.g. Web.back.config or Web.1.back.config.
Another problem is that a backup copy is always created, even if there are no modifications necessary.
Best regards,
Bart