{{The event monitor uses the API address of the origin of the request to track the actions. The plugin uses two methods to retrieve this: the main method uses the global server variable Remote-Addr available in most modern web servers, and an alternative method uses custom HTTP headers (which are unsafe by default). You should not worry about this option unless you know what a reverse proxy is. Services like the Sucuri Firewall — once active — force the network traffic to pass through them to filter any security threat that may affect the original server. A side effect of this is that the real IP address is no longer available in the global server variable Remote-Addr but in a custom HTTP header with a name provided by the service.}}