Should we trust the 'real' ip?

What really is Real IP address ? This comes into picture when a client makes a request to a remote server and the request is served through multiple reverse proxies. The IP address of the client from which the request is originating is the real IP address. In enterprise software application, knowing the real IP of the client becomes essential in following scenarios: Rate limiting based on IP address Restricting access to an API for specific IP address There are three configurations to resolve the original client IP address: