diff --git a/.github/workflows/update_patterns.yml b/.github/workflows/update_patterns.yml
index 52349a2..6a3f6b8 100644
--- a/.github/workflows/update_patterns.yml
+++ b/.github/workflows/update_patterns.yml
@@ -81,7 +81,6 @@ jobs:
 
     - name: 🗑️ Delete Existing 'latest' Tag and Release (if they exist)
       run: |
-        gh auth login --with-token <<< "$GITHUB_TOKEN"
         # Delete local tag
         git tag -d latest || true
         # Delete remote tag (force)
@@ -89,7 +88,7 @@ jobs:
         # Delete release, --yes for confirmation
         gh release delete latest --yes || true
       env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
 
     - name: 🚀 Create GitHub Release (if previous steps succeeded)
diff --git a/waf_patterns/nginx/README.md b/waf_patterns/nginx/README.md
index befaff5..09d7af1 100644
--- a/waf_patterns/nginx/README.md
+++ b/waf_patterns/nginx/README.md
@@ -4,6 +4,9 @@ This directory contains Nginx WAF configuration files generated from OWASP rules
 You can include these files in your existing Nginx configuration to enhance security.
 
 ## Usage
+
+**Important:** You should only include the two main configuration files (`waf_maps.conf` and `waf_rules.conf`). The individual category files (e.g., `attack.conf`, `xss.conf`) are provided for reference only and should **not** be included directly, as they contain both `map` and `if` directives that cannot be used in the same Nginx context.
+
 1. Include the `waf_maps.conf` file in your `nginx.conf` *inside the `http` block*:
    ```nginx
    http {
@@ -24,7 +27,9 @@ You can include these files in your existing Nginx configuration to enhance secu
    ```
 
 ## Notes
-- The rules use `map` directives for efficient pattern matching. The maps are defined in the `waf_maps.conf` file.
-- The rules (if statements) are defined in the `waf_rules.conf` file.
+- The `map` directives (defined in `waf_maps.conf`) must be placed in the `http` context.
+- The `if` rules (defined in `waf_rules.conf`) must be placed in a `server` or `location` context.
+- **Do not** try to include individual category files like `attack.conf` directly - they are auto-generated for reference and viewing purposes only.
 - Blocked requests return a `403 Forbidden` response by default.
 - You can enable logging for blocked requests by uncommenting the `access_log` line.
+