diff --git a/rootfs/etc/nginx/template/nginx.tmpl b/rootfs/etc/nginx/template/nginx.tmpl
index 8219e0e5e..6c2dd5b52 100644
--- a/rootfs/etc/nginx/template/nginx.tmpl
+++ b/rootfs/etc/nginx/template/nginx.tmpl
@@ -210,6 +210,13 @@ http {
         ''               $host;
     }
 
+    # We can't use $proxy_add_x_forwarded_for because the realip module
+    # replaces the remote_addr to soon
+    map $http_x_forwarded_for $the_real_x_forwarded_for {
+        default          "$http_x_forwarded_for, $realip_remote_addr";
+        ''               "$realip_remote_addr";
+    }
+
     server_name_in_redirect off;
     port_in_redirect        off;
 
@@ -742,7 +749,7 @@ stream {
             proxy_set_header                        Connection        $connection_upgrade;
 
             proxy_set_header X-Real-IP              $the_real_ip;
-            proxy_set_header X-Forwarded-For        $the_real_ip;
+            proxy_set_header X-Forwarded-For        $the_real_x_forwarded_for;
             proxy_set_header X-Forwarded-Host       $best_http_host;
             proxy_set_header X-Forwarded-Port       $pass_port;
             proxy_set_header X-Forwarded-Proto      $pass_access_scheme;