diff --git a/salt/common/tools/sbin/so-suricata-testrule b/salt/common/tools/sbin/so-suricata-testrule
index 645a0368b..fee70cff5 100644
--- a/salt/common/tools/sbin/so-suricata-testrule
+++ b/salt/common/tools/sbin/so-suricata-testrule
@@ -29,14 +29,14 @@ echo "Running all.rules and $TESTRULE against the following pcap: $TESTPCAP"
 echo ""
 sleep 3
 
-cp /opt/so/conf/suricata/rules/all.rules /tmp/nids-testing/rules/all.rules
-cat $TESTRULE >> /tmp/nids-testing/rules/all.rules
 
 rm -rf /tmp/nids-testing/output
 mkdir -p /tmp/nids-testing/output
 chown suricata:socore /tmp/nids-testing/output
 mkdir -p /tmp/nids-testing/rules
 
+cp /opt/so/conf/suricata/rules/all.rules /tmp/nids-testing/rules/all.rules
+cat $TESTRULE >> /tmp/nids-testing/rules/all.rules
 
 echo "==== Begin Suricata Output ==="