I'm looking into rate-limiting using nginx's HttpLimitReqModule. However, requests are all coming from the same IP (a loadbalancer), with the real IP address in the headers.
Is there a way to have nginx rate-limit based on the ip in the X-Forwarded-For
header instead of the ip of the source?