diff --git a/salt/idstools/etc/rulecat.conf b/salt/idstools/etc/rulecat.conf index 50ac14674..8be3aa1ce 100644 --- a/salt/idstools/etc/rulecat.conf +++ b/salt/idstools/etc/rulecat.conf @@ -1,10 +1,10 @@ {%- from 'vars/globals.map.jinja' import GLOBALS -%} {%- from 'idstools/map.jinja' import IDSTOOLSMERGED -%} ---merged=/nsm/rules/suricata/all.rules ---local=/nsm/rules/local/local.rules +--merged=/opt/so/rules/nids/all.rules +--local=/opt/so/rules/nids/local.rules {%- if GLOBALS.md_engine == "SURICATA" %} ---local=/nsm/rules/sorules/ids/extraction.rules ---local=/nsm/rules/sorules/filters.rules +--local=/opt/so/rules/nids/sorules/extraction.rules +--local=/opt/so/rules/nids/sorules/filters.rules {%- endif %} --url=http://{{ GLOBALS.manager }}:7788/suricata/emerging-all.rules --disable=/opt/so/idstools/etc/disable.conf diff --git a/salt/idstools/tools/sbin_jinja/so-rule-update b/salt/idstools/tools/sbin_jinja/so-rule-update index 6ed4058f1..eac3e1c9c 100755 --- a/salt/idstools/tools/sbin_jinja/so-rule-update +++ b/salt/idstools/tools/sbin_jinja/so-rule-update @@ -1,5 +1,4 @@ #!/bin/bash - . /usr/sbin/so-common {%- from 'vars/globals.map.jinja' import GLOBALS %} diff --git a/salt/nginx/enabled.sls b/salt/nginx/enabled.sls index 923299e57..93c5e4ebc 100644 --- a/salt/nginx/enabled.sls +++ b/salt/nginx/enabled.sls @@ -12,6 +12,15 @@ include: - nginx.config - nginx.sostatus +make-rule-dir-nginx: + file.directory: + - name: /nsm/rules + - user: socore + - group: socore + - recurse: + - user + - group + so-nginx: docker_container.running: - image: {{ GLOBALS.registry_host }}:5000/{{ GLOBALS.image_repo }}/so-nginx:{{ GLOBALS.so_version }} diff --git a/setup/so-setup b/setup/so-setup index c018d63d1..b663eb31b 100755 --- a/setup/so-setup +++ b/setup/so-setup 
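Review bot: The `--merged=` and `--local=` entries in rulecat.conf now point under `/opt/so/rules/nids/`, but nothing visible in this diff creates those directories or carries over an existing `/nsm/rules/local/local.rules`. On an upgraded node, custom local rules could therefore drop out of the merged ruleset without any error, leaving a detection gap. Unless a state outside this patch handles that, add a migration step and record the move in the template, e.g. `{#- local rules moved from /nsm/rules/local to /opt/so/rules/nids; copy existing local.rules on upgrade #}`. Separately, the unchanged `--url=http://{{ GLOBALS.manager }}:7788/...` line still pulls the ruleset over plain HTTP, so the integrity of the downloaded rules rests on the network path to the manager.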
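Review bot: In salt/nginx/enabled.sls, `make-rule-dir-nginx` sets user and group on `/nsm/rules` but no mode, and its `recurse` list re-owns everything already under that tree to socore whenever the state runs. For a directory that holds detection rules, the permissions should be pinned rather than left to the umask, e.g. `- mode: 755`. Salt applies states in file order, so the directory is attempted before `so-nginx`, but without a requisite a failure here does not stop the container from starting; adding `- require:` with `- file: make-rule-dir-nginx` to `so-nginx` would make that dependency explicit. The `so-nginx` state continues past the end of the hunk, so an existing requisite there is not visible from here.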
@@ -648,7 +648,7 @@ if ! [[ -f $install_opt_file ]]; then
 title "Downloading IDS Rules"
 logCmd "so-rule-update"
 title "Downloading YARA rules"
- logCmd "so-yara-update"
+ logCmd "runuser -l socore 'so-yara-update'"
 fi
 title "Setting up Kibana Default Space"
 logCmd "so-kibana-space-defaults"
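Review bot: The new `runuser -l socore 'so-yara-update'` call omits `-c`, so by runuser's documented argument handling the name is passed to socore's login shell as a script argument rather than as a command line. Bash then looks for a file of that name in the working directory (socore's home after `-l`) before falling back to PATH, and reads it as shell input regardless of its shebang. Writing it as `logCmd "runuser -l socore -c 'so-yara-update'"` resolves the command through PATH only and keeps the drop to an unprivileged user that this change is after. It is also worth confirming that the YARA rule directory is writable by socore before this step runs, since that is not visible here. The enclosing `if ! [[ -f $install_opt_file ]]` block starts outside the hunk.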