The last topic you'll consider in this chapter is the ASP.NET configuration file system.
Every web application includes a web.config file that configures fundamental settings—everything from the way error messages are shown to the security settings that lock out unwanted visitors. You'll consider the settings in the web.config file throughout this book. (And there are many more settings that you won't consider in this book, because they're used much more rarely.)
The ASP.NET configuration files have several key advantages:
They are never locked
You can update web.config settings at any point, even while your application is running. If there are any requests currently under way, they'll continue to use the old settings, ...