Fix definition order of modsecurity directives for controller to match PR 5315 (#6940) (#7323)

* Fix definition order of modsecurity directives for controller to match PR 5315

* Add a test

rootfs/etc/nginx/template/nginx.tmpl

@@ -149,14 +149,16 @@ http {
     {{ if $all.Cfg.EnableModsecurity }}
     modsecurity on;
 
+    {{ if (not (empty $all.Cfg.ModsecuritySnippet)) }}
+    modsecurity_rules '
+      {{ $all.Cfg.ModsecuritySnippet }}
+    ';
+    {{ end }}
+
     modsecurity_rules_file /etc/nginx/modsecurity/modsecurity.conf;
 
     {{ if $all.Cfg.EnableOWASPCoreRules }}
     modsecurity_rules_file /etc/nginx/owasp-modsecurity-crs/nginx-modsecurity.conf;
-    {{ else if (not (empty $all.Cfg.ModsecuritySnippet)) }}
-    modsecurity_rules '
-      {{ $all.Cfg.ModsecuritySnippet }}
-    ';
     {{ end }}
 
     {{ end }}