Visitor Ip issue

Dear Wordfence Support Team,

I am writing to request assistance with a persistent issue regarding IP address detection on my website, vitser-jokes.dk.

For the past two months, my advertising partner (Ad Nordics) has repeatedly flagged traffic from my site as fraudulent, leading to frequent bans from their network and a significant loss of revenue.

According to their technical team and their partners, the core problem seems to be that requests originating from or passing through my site are often registered with our server’s IP address instead of the actual visitor’s IP address.

Here’s the latest feedback I received from my ad partner, quoting their development team:

“I’ve received some feedback from the development, and they are saying that this setting sets the logic on how you get IPs. They’ve mentioned that it could be that the IPs you’re getting here are different from the ones that are passed to us. If X-Real-IP is/was the setting used to pass IP to us, then it either should be changed or you should check in with Wordfence to check if the IPs are resolved correctly. … I’d say the best course of action here would be to check in with Wordfence, and make sure that the IP you’re getting is real user IP, and to make sure that it is the IP that is passed to us.”

We have tried adjusting the Wordfence IP detection setting (Wordfence -> All Options -> General Wordfence Options -> How does Wordfence get IPs?) multiple times:

1. We initially tried X-Forwarded-For.
2. We later switched to X-Real-IP based on an in-plugin recommendation.
3. Most recently (around April 25th), my contact at Ad Nordics changed it back to the first recommended option (likely “Let Wordfence use the most secure method…”) because the other options might cause issues without a frontend proxy.

My site (vitser-jokes.dk) is hosted on Scalahosting, and I am currently not using a service like Cloudflare.

Despite these changes, the issue of being flagged for fraudulent (likely server-based) IPs persists.

Could you please help me with the following:

1. Verify if Wordfence is correctly configured on my site to reliably detect the real visitor IP address given my hosting setup (Scalahosting, no frontend proxy)?
2. Confirm which setting under “How does Wordfence get IPs?” is the most appropriate and secure for my specific setup to ensure the actual visitor IP is captured and used/passed on correctly?
3. Is there any other configuration within Wordfence or a potential conflict that could be causing the server IP to be logged or passed instead of the true visitor IP?

Resolving this is critical for my site’s operation and ad revenue. Any guidance or steps you can provide would be greatly appreciated.

Thank you for your time and assistance.

Best regards,

Azad Habib

The page I need help with: [log in to see the link]