mod_rewrite supports for years now REMOTE_ADDR *and* CONN_REMOTE_ADDR, see samle below, mod_remoteip don't give you any information within a PHP script about the physical connecting IP this can be crucial when your reverse-proxy adds headers which you can use in your application to make decisions because you should verify the source-ip to make sure that header is trustable the setup below has one big goal: decide via DNS if a website goes directly to httpd or for high traffic pages over the reverse-proxy which in this case would do TLS-offloading and sim,ilar decisions can happen within the application - or better said it should be posible to do so <IfModule mod_rewrite.c> RewriteEngine on RewriteCond %{CONN_REMOTE_ADDR} !^192\.168\.196\.2 RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} </IfModule>