diff --git a/templates/etc/nginx/conf.d/repopool-http-production.conf.j2 b/templates/etc/nginx/conf.d/repopool-http-production.conf.j2
index 56021fe..270a212 100644
--- a/templates/etc/nginx/conf.d/repopool-http-production.conf.j2
+++ b/templates/etc/nginx/conf.d/repopool-http-production.conf.j2
@@ -4,6 +4,12 @@
         server_name  _;
         root         /mnt/repos-production/mirror;
 
+        # Fastly sets the client IP in this header (and it cannot be overriden by user)
+        real_ip_header Fastly-Client-IP;
+        real_ip_recursive on;
+        set_real_ip_from 10.32.0.0/16;
+        set_real_ip_from ::/0;
+
         location / {
                 autoindex on;
         }
@@ -41,6 +47,12 @@
         ssl_certificate_key /etc/pki/tls/private/dl.rockylinux.org.key;
         ssl_ciphers  HIGH:!aNULL:!MD5;
 
+        # Fastly sets the client IP in this header (and it cannot be overriden by user)
+        real_ip_header Fastly-Client-IP;
+        real_ip_recursive on;
+        set_real_ip_from 10.32.0.0/16;
+        set_real_ip_from ::/0;
+
         location / {
                 autoindex on;
         }