Pass the remote IP to the proxied application (#1298)

eXpl0it3r · web-flow · commit 18d2b4ffff52 · 2025-11-20T16:32:15.000Z
diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt
@@ -276,6 +276,7 @@ redhat
 redir
 redirectscheme
 refactors
+remoteip
 reputational
 risc
 ruleset
diff --git a/docs/docs/admin/environments/apache.mdx b/docs/docs/admin/environments/apache.mdx
@@ -92,6 +92,11 @@ Assuming you are protecting `anubistest.techaro.lol`, you need the following ser
        DocumentRoot /var/www/anubistest.techaro.lol
        ErrorLog /var/log/httpd/anubistest.techaro.lol_error.log
        CustomLog /var/log/httpd/anubistest.techaro.lol_access.log combined
+
+       # Pass the remote IP to the proxied application instead of 127.0.0.1
+       # This requires mod_remoteip
+       RemoteIPHeader X-Real-IP
+       RemoteIPTrustedProxy 127.0.0.1/32
 </VirtualHost>
 ```
 
