2 months ago
Since this morning (March 26, 2026), X-Forwarded-For and X-Real-Ip headers no longer contain the real client IP address. They only show
Fastly edge IPs (167.82.173.x range). This was working correctly until yesterday (March 25).
What changed: Nothing on our side. No redeployment, no config change.
- Real client IP (verified via whatismyip.com): 46.155.42.152
- X-Forwarded-For: 167.82.173.48 (Fastly edge IP, NOT the real client)
- X-Real-Ip: 167.82.173.48 (same Fastly edge IP)
- X-Envoy-External-Address: not set (N/A)
- Fastly-Client-IP: not present
I tested from a clean personal hotspot connection (no VPN, no corporate proxy) and the real client IP still doesn't appear in any header.
Impact: Our IP whitelist feature is completely broken. We cannot determine the real client IP for access control.
Expected behavior: X-Forwarded-For should contain the real client IP (e.g., 46.155.42.152, 167.82.173.48), as it did until March 25.
Is there a known infrastructure change on the Fastly/edge proxy layer that happened today? How can we get the real client IP?
Thanks.
2 Replies
Status changed to Awaiting Railway Response Railway • about 2 months ago
Status changed to Awaiting User Response Railway • about 2 months ago
2 months ago
Hey,
This has been fixed, no action is needed on your end.
We are sorry for introducing this regression and will be more diligent about changes to the behavior of headers going forward.
2 months ago
This thread has been marked as solved automatically due to a lack of recent activity. Please re-open this thread or create a new one if you require further assistance. Thank you!
Status changed to Solved Railway • about 2 months ago