This module provides one simple feature: it replaces the client IP address with the one specified in the X-Real-IP HTTP header for clients that visit your website behind a proxy or for retrieving IP addresses from the proper header if Nginx is used as a backend server (it essentially has the same effect as Apache's mod_rpaf; see Chapter 7, Apache and Nginx Together, for more details). To enable this feature, you need to insert the real_ip_header directive that defines the HTTP header to be exploited: either X-Real-IP or X-Forwarded-For. The second step is to define trusted IP addresses. In other words, the clients that are allowed to make use of those headers. This can be done thanks to the set_real_ip_from directive, which accepts ...