diff --git a/README.md b/README.md
index 2012bd8..6aad29e 100644
--- a/README.md
+++ b/README.md
@@ -345,7 +345,7 @@ Values : *\<HTTP status codes separated with | char\>*
 Default value : *400|401|403|404|405|444*  
 List of "strange" error codes that fail2ban will search for.  
 
-`FAIL2BAN_BANTIME`
+`FAIL2BAN_BANTIME`  
 Values : *<number of seconds>*  
 Default value : *3600*  
 The duration time, in seconds, of a ban.  
@@ -377,7 +377,7 @@ Default value : *yes*
 If set to yes, ClamAV will automatically remove the detected files.  
 
 ## Misc
-`ADDITIONAL_MODULES` 
+`ADDITIONAL_MODULES`  
 Values : *\<list of packages separated with space\>*  
 Default value :  
 You can specify additional modules to install. All [alpine packages](https://pkgs.alpinelinux.org/packages) are valid.  
diff --git a/confs/modsecurity-rules.conf b/confs/modsecurity-rules.conf
index 60d75a3..2e60872 100644
--- a/confs/modsecurity-rules.conf
+++ b/confs/modsecurity-rules.conf
@@ -57,10 +57,10 @@ SecAuditLog /var/log/modsec_audit.log
 # scan uploaded files with clamv
 %USE_CLAMAV_UPLOAD%
 
-# include custom rules
-%MODSECURITY_INCLUDE_CUSTOM_RULES%
-
 # include OWASP CRS rules
 %MODSECURITY_INCLUDE_CRS%
 %MODSECURITY_INCLUDE_CUSTOM_CRS%
 %MODSECURITY_INCLUDE_CRS_RULES%
+
+# include custom rules
+%MODSECURITY_INCLUDE_CUSTOM_RULES%
diff --git a/confs/server.conf b/confs/server.conf
index 8adb5ae..ad958d2 100644
--- a/confs/server.conf
+++ b/confs/server.conf
@@ -1,4 +1,5 @@
 server {
+	include /server-confs/*.conf;
 	%LISTEN_HTTP%
 	%AUTO_LETS_ENCRYPT%
 	%CUSTOM_HTTPS%
@@ -25,5 +26,4 @@ server {
 	%COOKIE_FLAGS%
 	%ERRORS%
 	%USE_FAIL2BAN%
-	include /server-confs/*.conf;
 }