I only see reference to that header in the instructions for the long deprecated mod_cloudflare. The current method references the CF-Connecting-IP header. I don’t know if that will make a difference, but hopefully it helps.
It is not. If it were, the Community would be flooded with posts about it. It can only be a configuration issue on your end.
I have sites behind Cloudflare that use IP based access restrictions on the origin. They prompt for a username and password when accessed from an untrusted IP. If Cloudflare was not sending the actual visitor IPs, I would be facing unexpected password requests every day.
I’ve db checked with completelly different machine and completelly different app.
I took my personal laptop with express.js server versus aws ec2 with nginx.
In this case all headers also had wrong ip address.
for me it is also critical to have correct IP addresses, I will not use cloudflare otherwise. I just started using cloudflare and got on this issue.
I spend several days browsing and looking for possible fix, but did not find anything yet.