diff --git a/config/index.js b/config/index.js
index 45375fee..18d03960 100644
--- a/config/index.js
+++ b/config/index.js
@@ -354,6 +354,12 @@ var conf = convict({
 format: String,
 env: 'CORS_ORIGIN',
 default: '*'
+ },
+ clientAddressDepth: {
+ doc: 'location of the client ip address in the remote address chain',
+ format: Number,
+ env: 'CLIENT_ADDRESS_DEPTH',
+ default: 3
 }
 })
diff --git a/lib/server.js b/lib/server.js
index 0da541bd..54bb538f 100644
--- a/lib/server.js
+++ b/lib/server.js
@@ -194,9 +194,10 @@ function create(log, error, config, routes, db) {
 // Construct source-ip-address chain for logging.
 var xff = (request.headers['x-forwarded-for'] || '').split(/\s*,\s*/)
 xff.push(request.info.remoteAddress)
+ var clientAddressIndex = xff.length - (config.clientAddressDepth || 1)
 // Remove empty items from the list, in case of badly-formed header.
 request.app.remoteAddressChain = xff.filter(function(x){ return x })
- request.app.clientAddress = request.app.remoteAddressChain[0]
+ request.app.clientAddress = request.app.remoteAddressChain[clientAddressIndex]
 request.app.acceptLanguage = trimLocale(request.headers['accept-language'])
 if (request.headers.authorization) {
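Review bot: In config/index.js, `clientAddressDepth` is declared with `format: Number`, which accepts negative and fractional values even though lib/server.js uses it as an offset from the end of the address chain. convict's built-in `format: 'nat'` would reject those at startup; zero would still pass, and server.js turns it into 1 through `|| 1`. The doc string should say that the depth is counted from the end of the chain and must agree with the number of trusted proxies in front of the service, for example `doc: 'position of the client ip address in the remote address chain, counted from the end; set to match the trusted proxy hops'`. With the default of 3, a deployment behind fewer hops selects an entry that is missing or that the client supplied.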
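Review bot: In lib/server.js, `clientAddressIndex` is computed from `xff.length` before the empty entries are filtered out, but it is then used to index the filtered `remoteAddressChain`, so the two lengths can disagree. With no X-Forwarded-For header, `''.split(...)` yields one empty string, so `xff.length` is 2 while the filtered chain has one entry: a depth of 3 gives index -1 and a depth of 1 gives index 1, and `clientAddress` is `undefined` in both cases. Compute the index after the filter, `var clientAddressIndex = request.app.remoteAddressChain.length - (config.clientAddressDepth || 1)`, and give the short-chain case a defined result, `request.app.clientAddress = request.app.remoteAddressChain[clientAddressIndex] || request.info.remoteAddress`. If `clientAddress` feeds rate limiting or audit records, which this hunk does not show, an undefined value would weaken them. The body of `create` starts and ends outside the hunk.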