Generally, I update web pages over ssh session. The problem is that vim creates a backup files ended with a diacritical mark (~).
Some other open source software use .inc extensions of php and other include for code. However, lighttpd comes with nifty module called mod_access module which is used to deny access to files with given trailing path names.
Open lighty's config file:
# vi /etc/lighttpd/lighttpd.conf
Append or add mod_access (if it is not added) :
server.modules += ( "mod_access" )
Next append rule that deny access to files with given trailing path names (~ and .inc):
url.access-deny = ( "~", ".inc" )
Save and close the file. Restart lighttpd:
# /etc/init.d/lighttpd restart
Now if end users try to open .inc or other trailing path names he/she will get error 404.