diff --git a/server.ts b/server.ts
index 9fe03fe5b5..8f37c551f0 100644
--- a/server.ts
+++ b/server.ts
@@ -75,6 +75,10 @@ export function app() {
    */
   const server = express();
 
+  // Tell Express to trust X-FORWARDED-* headers from proxies
+  // See https://expressjs.com/en/guide/behind-proxies.html
+  server.set('trust proxy', environment.ui.useProxies);
+
   /*
    * If production mode is enabled in the environment file:
    * - Enable Angular's production mode
diff --git a/src/config/config.util.spec.ts b/src/config/config.util.spec.ts
index 7896b1f5c2..2d1d8e1be7 100644
--- a/src/config/config.util.spec.ts
+++ b/src/config/config.util.spec.ts
@@ -10,6 +10,7 @@ describe('Config Util', () => {
     expect(appConfig.cache.msToLive.default).toEqual(15 * 60 * 1000); // 15 minute
     expect(appConfig.ui.rateLimiter.windowMs).toEqual(1 * 60 * 1000); // 1 minute
     expect(appConfig.ui.rateLimiter.max).toEqual(500);
+    expect(appConfig.ui.useProxies).toEqual(true);
 
     expect(appConfig.submission.autosave.metadata).toEqual([]);
 
@@ -25,6 +26,8 @@ describe('Config Util', () => {
     };
     appConfig.ui.rateLimiter = rateLimiter;
 
+    appConfig.ui.useProxies = false;
+
     const autoSaveMetadata = [
       'dc.author',
       'dc.title'
@@ -44,6 +47,7 @@ describe('Config Util', () => {
     expect(environment.cache.msToLive.default).toEqual(msToLive);
     expect(environment.ui.rateLimiter.windowMs).toEqual(rateLimiter.windowMs);
     expect(environment.ui.rateLimiter.max).toEqual(rateLimiter.max);
+    expect(environment.ui.useProxies).toEqual(false);
 
     expect(environment.submission.autosave.metadata[0]).toEqual(autoSaveMetadata[0]);
     expect(environment.submission.autosave.metadata[1]).toEqual(autoSaveMetadata[1]);
diff --git a/src/config/default-app-config.ts b/src/config/default-app-config.ts
index b1b64d1c87..146c7a57c4 100644
--- a/src/config/default-app-config.ts
+++ b/src/config/default-app-config.ts
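Review bot: `server.set('trust proxy', environment.ui.useProxies)` with a plain `true` makes Express trust every hop in `X-Forwarded-For`, so `req.ip` resolves to the leftmost, client-supplied address unless the front proxy overwrites that header; the `ui.rateLimiter` setting (commented as limiting each IP in default-app-config.ts) is presumably keyed on `req.ip` in this file, so a request that reaches the Node port without passing a header-rewriting proxy is rated under whatever address it claims. Worth saying so next to the call, e.g. `// 'true' trusts all hops: enable only behind a proxy that sets X-Forwarded-For itself, otherwise req.ip (and the per-IP rate limit) is client-controlled`. Express also accepts a hop count, a subnet list or `'loopback'` for this setting, so typing `useProxies` as `boolean | number | string` in ui-server-config.interface.ts would let deployments restrict trust to their actual proxy tier rather than all-or-nothing. `app()` continues outside the hunk.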
@@ -37,7 +37,10 @@ export class DefaultAppConfig implements AppConfig {
     rateLimiter: {
       windowMs: 1 * 60 * 1000, // 1 minute
       max: 500 // limit each IP to 500 requests per windowMs
-    }
+    },
+
+    // Trust X-FORWARDED-* headers from proxies
+    useProxies: true,
   };
 
   // The REST API server settings
diff --git a/src/config/ui-server-config.interface.ts b/src/config/ui-server-config.interface.ts
index 93f90c345c..70e2fa3e26 100644
--- a/src/config/ui-server-config.interface.ts
+++ b/src/config/ui-server-config.interface.ts
@@ -11,4 +11,6 @@ export class UIServerConfig extends ServerConfig {
     max: number;
   };
 
+  // Trust X-FORWARDED-* headers from proxies
+  useProxies: boolean;
 }
diff --git a/src/environments/environment.test.ts b/src/environments/environment.test.ts
index 6fe4dd6516..7838a351bf 100644
--- a/src/environments/environment.test.ts
+++ b/src/environments/environment.test.ts
@@ -25,7 +25,8 @@ export const environment: BuildConfig = {
     rateLimiter: {
       windowMs: 1 * 60 * 1000, // 1 minute
       max: 500 // limit each IP to 500 requests per windowMs
-    }
+    },
+    useProxies: true,
   },
 
   // The REST API server settings.
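Review bot: The default `useProxies: true` is the permissive choice and the one-line comment does not say what it commits to; with `true` Express trusts forwarded headers from any source, not only from a proxy, so a deployment that exposes the Node port directly ends up with a client-controlled `req.ip`. Suggest `// Trust X-FORWARDED-* headers from proxies. 'true' trusts every hop; set to false when the UI is not behind a proxy that sets these headers.` here, and the same wording in ui-server-config.interface.ts, which carries the identical comment. The enclosing `ui` config object continues outside the hunk.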