diff --git a/development.ini b/development.ini
--- a/development.ini
+++ b/development.ini
@@ -111,6 +111,9 @@ app_instance_uuid = development-not-secr
 ## cut off limit for large diffs (size in bytes)
 cut_off_limit = 256000
+## WSGI environment variable to get the IP address of the client (default REMOTE_ADDR)
+#remote_addr_variable = HTTP_X_FORWARDED_FOR
+
 ## always pretend the client connected using HTTPS (default false)
 #force_https = true
diff --git a/docs/setup.rst b/docs/setup.rst
--- a/docs/setup.rst
+++ b/docs/setup.rst
@@ -423,8 +423,12 @@ somehow pass the original information on
 configured to pick that information up and trust it.
 Kallithea will by default rely on its WSGI server to provide the IP of the
-client in the WSGI environment as ``REMOTE_ADDR``, but it can also
-get it from the ``X-Real-IP`` or ``X-Forwarded-For`` HTTP headers.
+client in the WSGI environment as ``REMOTE_ADDR``, but it can be configured to
+get it from an HTTP header that has been set by the proxy server. For
+example, if the proxy server puts the client IP in the ``X-Forwarded-For``
+HTTP header, set::
+
+ remote_addr_variable = HTTP_X_FORWARDED_FOR
 Kallithea will by default rely on finding the protocol (``http`` or ``https``)
 in the WSGI environment as ``wsgi.url_scheme``. If the proxy server puts
diff --git a/kallithea/controllers/base.py b/kallithea/controllers/base.py
--- a/kallithea/controllers/base.py
+++ b/kallithea/controllers/base.py
@@ -81,20 +81,12 @@ def _filter_proxy(ip):
 def get_ip_addr(environ):
- proxy_key = 'HTTP_X_REAL_IP'
- proxy_key2 = 'HTTP_X_FORWARDED_FOR'
- def_key = 'REMOTE_ADDR'
-
- ip = environ.get(proxy_key)
- if ip:
- return _filter_proxy(ip)
-
- ip = environ.get(proxy_key2)
- if ip:
- return _filter_proxy(ip)
-
- ip = environ.get(def_key, '0.0.0.0')
- return _filter_proxy(ip)
+ """The web server will set REMOTE_ADDR to the unfakeable IP layer client IP address.
+ If using a proxy server, make it possible to use another value, such as
+ the X-Forwarded-For header, by setting `remote_addr_variable = HTTP_X_FORWARDED_FOR`.
+ """
+ remote_addr_variable = kallithea.CONFIG.get('remote_addr_variable', 'REMOTE_ADDR')
+ return _filter_proxy(environ.get(remote_addr_variable, '0.0.0.0'))
 def get_path_info(environ):
diff --git a/kallithea/templates/ini/template.ini.mako b/kallithea/templates/ini/template.ini.mako
--- a/kallithea/templates/ini/template.ini.mako
+++ b/kallithea/templates/ini/template.ini.mako
@@ -174,6 +174,9 @@ app_instance_uuid = ${uuid()}
 <%text>## cut off limit for large diffs (size in bytes)
 cut_off_limit = 256000
+<%text>## WSGI environment variable to get the IP address of the client (default REMOTE_ADDR)
+#remote_addr_variable = HTTP_X_FORWARDED_FOR
+
 <%text>## always pretend the client connected using HTTPS (default false)
 #force_https = true
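Review bot: In the new `get_ip_addr` (kallithea/controllers/base.py), a configured variable that is missing from `environ` yields the placeholder `0.0.0.0` rather than the real peer address. This happens for a request that did not pass through the proxy, or for an empty `remote_addr_variable =` in the ini, so any access restriction or audit log keyed on the client IP sees a meaningless value. Consider `remote_addr_variable = kallithea.CONFIG.get('remote_addr_variable') or 'REMOTE_ADDR'` followed by `return _filter_proxy(environ.get(remote_addr_variable) or environ.get('REMOTE_ADDR', '0.0.0.0'))`. The docstring calls `REMOTE_ADDR` unfakeable but does not say that a header-derived value can only be trusted when the proxy overwrites the header and Kallithea is not reachable directly; one sentence stating that would help. `_filter_proxy` is defined outside this hunk; if it selects one entry from a comma-separated list, which entry it selects decides whether a client-supplied value can win, so that is worth checking alongside this change.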
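Review bot: The commented example `#remote_addr_variable = HTTP_X_FORWARDED_FOR` in template.ini.mako does not warn that the header is client-controlled unless a proxy in front of Kallithea sets it. An administrator who uncomments it on a directly reachable instance would let each client choose the address Kallithea records. I would add a second comment line such as `## only enable when a trusted reverse proxy overwrites this header; otherwise clients can supply any address`. The same two lines are added in the development.ini hunk and should get the same caveat.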