Index: wp-settings.php
===================================================================
--- wp-settings.php	(revision 11300)
+++ wp-settings.php	(working copy)
@@ -105,6 +105,26 @@
 if ( empty($PHP_SELF) )
 	$_SERVER['PHP_SELF'] = $PHP_SELF = preg_replace("/(\?.*)?$/",'',$_SERVER["REQUEST_URI"]);
 
+// Correct comment's ip address with X-Forwarded-For http header if you are behind a proxy or load balancer.
+if ( isset($_SERVER['HTTP_X_FORWARDED_FOR']) ) {
+	// this one can have multiple IPs separated by a coma
+	$_SERVER['HTTP_X_FORWARDED_FOR'] = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
+	$_SERVER['HTTP_X_FORWARDED_FOR'] = $_SERVER['HTTP_X_FORWARDED_FOR'][0];
+}
+
+if ( function_exists('filter_var') ) {
+	if ( isset($_SERVER['HTTP_X_FORWARDED_FOR']) && filter_var($_SERVER['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE) )
+		$_SERVER['REMOTE_ADDR'] = filter_var($_SERVER['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE);
+	elseif ( isset($_SERVER['HTTP_X_REAL_IP']) && filter_var($_SERVER['HTTP_X_REAL_IP'], FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE) )
+		$_SERVER['REMOTE_ADDR'] = filter_var($_SERVER['HTTP_X_REAL_IP'], FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE);
+} else {
+	if ( isset($_SERVER['HTTP_X_FORWARDED_FOR']) )
+		$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
+	elseif ( isset($_SERVER['HTTP_X_REAL_IP']) )
+		$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_REAL_IP'];
+}
+
+
 if ( version_compare( '4.3', phpversion(), '>' ) ) {
 	die( sprintf( /*WP_I18N_OLD_PHP*/'Your server is running PHP version %s but WordPress requires at least 4.3.'/*/WP_I18N_OLD_PHP*/, phpversion() ) );
 }
@@ -683,4 +703,4 @@
 // Everything is loaded and initialized.
 do_action('init');
 
-?>
+?>
\ No newline at end of file