diff --git a/install_nginx.sh b/install_nginx.sh
index 02ed264..92277f2 100644
--- a/install_nginx.sh
+++ b/install_nginx.sh
@@ -90,6 +90,8 @@ if [ -z "$cpu_cores" ]; then
     cpu_cores="1";
 fi
 if [[ $(vercomp "$ubuntu_ver" "16") == "<" ]]; then #Need update ca-certificates manual
+    sudo apt-get install -y apt-transport-https ca-certificates
+    sudo update-ca-certificates
     sudo bash -l -c "
         cd /root &&
         wget https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/ca-certificates/20210119~20.04.2/ca-certificates_20210119~20.04.2.tar.xz --no-check-certificate -O ca-certificates_20210119~20.04.2.tar.xz &&
@@ -241,7 +243,7 @@ if [[ $(vercomp "$nginx_ver" "$nginx_target_ver") ==  "<" ]] || [[ "$1" == '--fo
             cp -f objs/ngx_http_modsecurity_module.so /etc/nginx/modules/. && \
             echo 'load_module modules/ngx_http_modsecurity_module.so;' > /etc/nginx/modules-enabled/50-mod-modsecurity.conf && \
             mkdir -p /etc/nginx/modsec && \
-            wget --no-check-certificate -P /etc/nginx/modsec/ https://raw.githubusercontent.com/SpiderLabs/ModSecurity/v3/master/modsecurity.conf-recommended -O modsecurity.conf && \
+            wget --no-check-certificate -P /etc/nginx/modsec/ https://raw.githubusercontent.com/SpiderLabs/ModSecurity/v3/master/modsecurity.conf-recommended -O /etc/nginx/modsec/modsecurity.conf && \
             cd .. && \
             cp -f ModSecurity/unicode.mapping /etc/nginx/modsec && \
             sed -i 's/SecRuleEngine DetectionOnly/SecRuleEngine On/' /etc/nginx/modsec/modsecurity.conf && \
@@ -284,16 +286,6 @@ if [[ $(vercomp "$nginx_ver" "$nginx_target_ver") ==  "<" ]] || [[ "$1" == '--fo
                 http_block_end=$((http_block_end + 1))
             fi
         done
-        if [[ "$install_modsecurity" == "1" ]]; then
-            echo "Please modify your nginx conf file by yourself!"
-            echo "
-            server {
-                # ...
-                modsecurity on;
-                modsecurity_rules_file /etc/nginx/modsec/main.conf;
-            }
-            "
-        fi
     fi
     if [[ -z "$(grep -E 'include\s+\/etc\/nginx\/modules-enabled\/\*\.conf;' /etc/nginx/nginx.conf)" ]]; then
         nginx_conf_path="/etc/nginx/nginx.conf"
@@ -301,5 +293,15 @@ if [[ $(vercomp "$nginx_ver" "$nginx_target_ver") ==  "<" ]] || [[ "$1" == '--fo
         sudo bash -l -c "echo '$nginx_conf_contents' > $nginx_conf_path"
         sudo service nginx restart
     fi
+    if [[ "$install_modsecurity" == "1" ]]; then
+        echo "Please modify your nginx conf file by yourself!"
+        echo "
+        server {
+            # ...
+            modsecurity on;
+            modsecurity_rules_file /etc/nginx/modsec/main.conf;
+        }
+        "
+    fi
     cd "$org_pwd"
 fi
\ No newline at end of file