diff --git a/ext/rack/files/apache2.conf b/ext/rack/files/apache2.conf
index 097e3a054..0d82cb414 100644
--- a/ext/rack/files/apache2.conf
+++ b/ext/rack/files/apache2.conf
@@ -1,42 +1,45 @@
 
 # you probably want to tune these settings
 PassengerHighPerformance on
 PassengerMaxPoolSize 12
 PassengerPoolIdleTime 1500
 # PassengerMaxRequests 1000
 PassengerStatThrottleRate 120
 RackAutoDetect Off
 RailsAutoDetect Off
 
 Listen 8140
 
 <VirtualHost *:8140>
         SSLEngine on
         SSLProtocol -ALL +SSLv3 +TLSv1
         SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
 
         SSLCertificateFile      /etc/puppet/ssl/certs/squigley.namespace.at.pem
         SSLCertificateKeyFile   /etc/puppet/ssl/private_keys/squigley.namespace.at.pem
         SSLCertificateChainFile /etc/puppet/ssl/ca/ca_crt.pem
         SSLCACertificateFile    /etc/puppet/ssl/ca/ca_crt.pem
         # If Apache complains about invalid signatures on the CRL, you can try disabling
         # CRL checking by commenting the next line, but this is not recommended.
         SSLCARevocationFile     /etc/puppet/ssl/ca/ca_crl.pem
         SSLVerifyClient optional
         SSLVerifyDepth  1
         SSLOptions +StdEnvVars
 
+        # This header needs to be set if using a loadbalancer or proxy
+        RequestHeader unset X-Forwarded-For
+
         RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
         RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
         RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
 
         DocumentRoot /etc/puppet/rack/public/
         RackBaseURI /
         <Directory /etc/puppet/rack/>
                 Options None
                 AllowOverride None
                 Order allow,deny
                 allow from all
         </Directory>
 </VirtualHost>