Edited:
You need a rewrite rule for each of your websites that are having traffic directed to them from the proxy server. The rule will check to see if the HTTP_X_FORWARDED_FOR
header exists and has a value, if it does, then we know the request has been forwarded from the proxy server so we'll set the server variable REMOTE_ADDR
to the value of HTTP_X_FORWARDED_FOR
because we know that is the true IP address of the user.
Here's the rule:
<rule name="RewriteRemoteAddr">
<match url="(.*)" />
<conditions>
<add input="{HTTP_X_FORWARDED_FOR}" pattern="([_0-9a-zA-Z]+)" />
</conditions>
<serverVariables>
<set name="{REMOTE_ADDR}" value="{HTTP_X_FORWARDED_FOR}" />
</serverVariables>
<action type="None" />
</rule>