I have my infrastructure where traefik (V1.6) is sitting behind AWS CloudFront and an Application Load balancer. The X-Forwarded-For header lists the actual client IP and the CloudFront IP. Is there a way I can rate limit based on the first IP in this list, which is my client IP? I see traefik middleware supports specifying a depth field, but unfortunately, we are still on 1.6.
While googling I came across X-Real-IP header to get the actual client IP, but wasn't sure if that was supported and I couldn't find much documentation around it. It didn't print anything when I tried to print this header in the traefik access logs. Any thoughts on using this header for rate limiting?