diff --git a/src/app/Http/Kernel.php b/src/app/Http/Kernel.php
--- a/src/app/Http/Kernel.php
+++ b/src/app/Http/Kernel.php
@@ -85,4 +85,17 @@
 \Illuminate\Auth\Middleware\Authorize::class,
 \App\Http\Middleware\AuthenticateAdmin::class,
 ];
+
+ /**
+ * Handle an incoming HTTP request.
+ *
+ * @param \Illuminate\Http\Request $request HTTP Request object
+ *
+ * @return \Illuminate\Http\Response
+ */
+ public function handle($request)
+ {
+ // Overwrite the http request object
+ return parent::handle(Request::createFrom($request));
+ }
 }
diff --git a/src/app/Http/Middleware/TrustProxies.php b/src/app/Http/Middleware/TrustProxies.php
--- a/src/app/Http/Middleware/TrustProxies.php
+++ b/src/app/Http/Middleware/TrustProxies.php
@@ -12,7 +12,12 @@
 *
 * @var array|string
 */
- protected $proxies = '*';
+ protected $proxies = [
+ '10.0.0.0/8',
+ '127.0.0.1/8',
+ '172.16.0.0/12',
+ '192.168.0.0/16'
+ ];
 /**
 * The headers that should be used to detect proxies.
diff --git a/src/app/Http/Request.php b/src/app/Http/Request.php
new file mode 100644
--- /dev/null
+++ b/src/app/Http/Request.php
@@ -0,0 +1,22 @@
+headers->get('X-Client-IP')) && $this->isFromTrustedProxy()) {
+ return $client_ip;
+ }
+
+ return parent::ip();
+ }
+}
diff --git a/src/app/Observers/SignupCodeObserver.php b/src/app/Observers/SignupCodeObserver.php
--- a/src/app/Observers/SignupCodeObserver.php
+++ b/src/app/Observers/SignupCodeObserver.php
@@ -34,6 +34,15 @@
 }
 }
+ $code->headers = collect(request()->headers->all())
+ ->filter(function ($value, $key) {
+ // remove some headers we don't care about
+ return !in_array($key, ['cookie', 'referer', 'x-test-payment-provider', 'origin']);
+ })
+ ->map(function ($value) {
+ return is_array($value) && count($value) == 1 ? $value[0] : $value;
+ });
+ $code->expires_at = Carbon::now()->addHours($exp_hours);
 $code->ip_address = request()->ip();
diff --git a/src/app/SignupCode.php b/src/app/SignupCode.php
--- a/src/app/SignupCode.php
+++ b/src/app/SignupCode.php
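Review bot: The bare `Request` in `parent::handle(Request::createFrom($request))` depends on namespace resolution: if Kernel.php imports `Illuminate\Http\Request` above this hunk (the `use` block is outside it), the call builds the framework class and this override becomes a no-op, so writing it as `\App\Http\Request::createFrom($request)` removes the ambiguity. The comment `// Overwrite the http request object` says what but not why; the reason is only discoverable from the Request.php hunk of the same commit, so I would write `// Swap in App\Http\Request so that ip() can consult the X-Client-IP header set by a trusted proxy`. The `@param`/`@return` lines only restate framework types; a sentence on why the request is replaced here rather than in the front controller would be more useful.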
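Review bot: `'127.0.0.1/8'` has host bits set for an /8 prefix; it should read `'127.0.0.0/8'` so the intent (the whole loopback block) is explicit instead of relying on the matcher to mask the host bits. Narrowing `$proxies` from `'*'` to the RFC 1918 and loopback ranges is the right direction, but it means every host in those ranges is trusted to set the forwarding headers and, together with the new `App\Http\Request::ip()`, the `X-Client-IP` header; that is fine behind a dedicated reverse proxy, but worth stating in the commit message if other internal services can reach the application directly. A trailing comma after `'192.168.0.0/16'` would keep future additions to a one-line diff.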
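Review bot: The value read from `X-Client-IP` is returned without any check that it is an IP address, and the SignupCodeObserver hunk in this commit stores `request()->ip()` in `ip_address`, so a proxy that forwards the header unchanged lets a client write arbitrary text into that column. I would validate before trusting it: `if (($client_ip = $this->headers->get('X-Client-IP')) && $this->isFromTrustedProxy() && filter_var($client_ip, FILTER_VALIDATE_IP) !== false) {` and keep the fall-through to `parent::ip()`. `isFromTrustedProxy()` only confirms the peer address is a configured proxy; it cannot tell whether the proxy set `X-Client-IP` or merely passed it through, so the proxy must overwrite that header — a comment above the method saying so would save the next reader a trip to the proxy config. The start of this hunk (class header and method signature) appears to have been lost in extraction, so the method name and the `$client_ip` assignment are inferred from the remaining lines.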
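Review bot: The header filter is a deny-list, so anything not named — including `authorization` if a client ever sends one — is persisted with the signup code; an allow-list of the headers the consumer of `$code->headers` actually needs would be the safer default, and at minimum `authorization` belongs in the list. Both comparisons should also be strict: `return !in_array($key, ['authorization', 'cookie', 'referer', 'x-test-payment-provider', 'origin'], true);` and `count($value) === 1`. The stored values are raw client input, so whatever later renders `$code->headers` must escape them for its output context; a short comment here noting that would help. The enclosing method starts before this hunk.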
@@ -72,6 +72,8 @@
 'voucher'
 ];
+ protected $casts = ['headers' => 'array'];
+
 /**
 * The attributes that should be mutated to dates.
 *
diff --git a/src/composer.json b/src/composer.json
--- a/src/composer.json
+++ b/src/composer.json
@@ -16,6 +16,7 @@
 "require": {
 "php": "^7.1.3",
 "barryvdh/laravel-dompdf": "^0.8.6",
+ "doctrine/dbal": "^2.13",
 "dyrynda/laravel-nullable-fields": "*",
 "fideloper/proxy": "^4.0",
 "kolab/net_ldap3": "dev-master",
diff --git a/src/database/migrations/2021_04_08_150000_signup_code_headers.php b/src/database/migrations/2021_04_08_150000_signup_code_headers.php
new file mode 100644
--- /dev/null
+++ b/src/database/migrations/2021_04_08_150000_signup_code_headers.php
@@ -0,0 +1,40 @@
+text('headers')->nullable();
+ }
+ );
+ }
+
+ /**
+ * Reverse the migrations.
+ *
+ * @return void
+ */
+ public function down()
+ {
+ Schema::table(
+ 'signup_codes',
+ function (Blueprint $table) {
+ $table->dropColumn('headers');
+ }
+ );
+ }
+}
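Review bot: The new `$casts` property has no docblock while the neighbouring "attributes that should be mutated to dates" property visible just below it carries one; for consistency I would add `/** The attributes that should be cast. @var array */` above `protected $casts = ['headers' => 'array'];`. As far as I recall the `array` cast JSON-encodes on write and decodes to a plain array on read, so the Collection assigned in SignupCodeObserver comes back as an array — a one-line comment would stop callers expecting Collection methods on `$code->headers`.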
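Review bot: `doctrine/dbal` is added to `require` but no `composer.lock` change appears in this diff, so the resolved version is not pinned by the commit; a new direct dependency should land together with the lock update and a note on why it is needed. The only migration in this commit calls `text('headers')->nullable()` on a new column, which historically has not required DBAL (Laravel needed it for `->change()` on existing columns), so either the reason lies elsewhere or the dependency may be unnecessary — worth stating in the commit message.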