Issue
- After upgrading from Liferay 7.0 to a more recent Quarterly Release, the Audit_AuditEvent table no longer stores, in its clientIP column, the value of the 'X-Forwarded-For' HTTP request header (the header a proxy or load balancer uses to pass along the address of the original client).
- For each audited operation we need to store the remote client IP address in order to track accesses, including for security reasons.
Environment
- Liferay DXP 7.4 Update 25 and above
Resolution
Liferay made this change because of a security concern. The X-Forwarded-For header is written by whoever sends the request: a proxy appends the address it saw, but a client connecting directly (or one that pre-fills the header before it reaches the proxy) can put any value there. A portal that reads the header unconditionally cannot tell the two apart, so the audit log would record whatever address an attacker chose. Deciding which proxies are trustworthy is the application server's job, so Liferay no longer reads the header itself and instead records the remote address that Tomcat (or the application server in use) reports for the request.
To restore the previous behaviour for requests that arrive through a load balancer or reverse proxy, configure a RemoteIpValve in Tomcat's server.xml. The valve rewrites the remote address before the request reaches Liferay: it acts only when the connection comes from an address matching internalProxies, walks the X-Forwarded-For chain from right to left, discards the hops that match internalProxies or trustedProxies, and reports the first remaining address as the client. Keep internalProxies limited to the real addresses of your proxy tier; a pattern that matches any source lets every client choose its own audited IP again, which is exactly the problem the change removed. After enabling the valve, perform an audited action through the load balancer and confirm that the clientIP column shows the client's address rather than the load balancer's. The valve attributes (remoteIpHeader, internalProxies, trustedProxies, proxiesHeader, protocolHeader) are documented in the Tomcat documentation: https://tomcat.apache.org/tomcat-9.0-doc/api/org/apache/catalina/valves/RemoteIpValve.html
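The following Python script is an added example, not Liferay's code and not the Tomcat valve source: it reads a constructed server.xml fragment containing a RemoteIpValve and models the valve's right-to-left walk of the X-Forwarded-For chain, next to the unconditional header read this article describes as removed. The fragment, the load balancer address 10.0.0.5, the trusted proxy 203.0.113.10 and the client addresses 198.51.100.7 and 1.2.3.4 are all assumptions made up for the example.

```python
import re
import xml.etree.ElementTree as ET

# Constructed server.xml fragment for this example (not Liferay's shipped
# configuration). The RemoteIpValve sits under the Host element; only the
# 10.0.0.0/8 range (assumed load balancer tier) is internal and the assumed
# external node 203.0.113.10 is an additional trusted proxy.
SERVER_XML_FRAGMENT = r"""
<Host name="localhost" appBase="webapps">
  <Valve className="org.apache.catalina.valves.RemoteIpValve"
         remoteIpHeader="X-Forwarded-For"
         proxiesHeader="X-Forwarded-By"
         internalProxies="10\.\d{1,3}\.\d{1,3}\.\d{1,3}"
         trustedProxies="203\.0\.113\.10"
         protocolHeader="X-Forwarded-Proto" />
</Host>
"""


def load_valve_config(xml_text):
    """Read the RemoteIpValve attributes from a server.xml fragment.

    internalProxies / trustedProxies are Java regexes that Tomcat applies with
    matches() (a full match), so they are used with fullmatch() here. Header
    names fall back to the valve's documented defaults.
    """
    root = ET.fromstring(xml_text.strip())
    valve = root.find(".//Valve[@className='org.apache.catalina.valves.RemoteIpValve']")
    if valve is None:
        raise ValueError("no RemoteIpValve in fragment")
    internal = valve.get("internalProxies")
    trusted = valve.get("trustedProxies")
    if internal is None:
        raise ValueError("internalProxies must be set explicitly in this example")
    return {
        "internal": re.compile(internal),
        "trusted": re.compile(trusted) if trusted else None,
        "remote_ip_header": valve.get("remoteIpHeader", "x-forwarded-for").lower(),
        "proxies_header": valve.get("proxiesHeader", "x-forwarded-by").lower(),
    }


def naive_client_ip(remote_addr, headers):
    """Illustration of the removed behaviour: store the header at face value,
    whoever sent it. Not Liferay's code."""
    hdrs = {k.lower(): v for k, v in headers.items()}
    return hdrs.get("x-forwarded-for", remote_addr)


def resolve_client_ip(cfg, remote_addr, headers):
    """Model the valve's handling of one request.

    remote_addr is the TCP peer (request.getRemoteAddr() before the valve runs),
    headers the incoming HTTP headers. Returns the address the container will
    report as the client plus the rewritten remoteIpHeader and proxiesHeader
    values, i.e. what the portal (and so the audit event) sees.
    """
    hdrs = {k.lower(): v for k, v in headers.items()}
    xff_name, proxies_name = cfg["remote_ip_header"], cfg["proxies_header"]
    # The valve acts only when the TCP peer itself is an internal proxy. A client
    # that reaches Tomcat directly keeps its real address; its header is ignored.
    if not cfg["internal"].fullmatch(remote_addr):
        return {"client": remote_addr, xff_name: hdrs.get(xff_name), proxies_name: None}

    chain = [h.strip() for h in hdrs.get(xff_name, "").split(",") if h.strip()]
    proxies = []
    client = remote_addr            # no header from the proxy: peer stays the client
    idx = len(chain) - 1
    while idx >= 0:                 # walk right to left, nearest hop first
        hop = chain[idx]
        client = hop
        if cfg["internal"].fullmatch(hop):
            pass                    # internal proxies are swallowed
        elif cfg["trusted"] and cfg["trusted"].fullmatch(hop):
            proxies.insert(0, hop)  # trusted proxies are reported in proxiesHeader
        else:
            idx -= 1
            break                   # first unknown hop is the real client
        idx -= 1
    # Anything left of the client (values the client itself sent) stays in the
    # header but is never used as the address.
    remaining = ",".join(chain[: idx + 1]) or None
    return {"client": client, xff_name: remaining, proxies_name: ",".join(proxies) or None}


if __name__ == "__main__":
    cfg = load_valve_config(SERVER_XML_FRAGMENT)
    cases = {  # constructed requests; 10.0.0.5 is the assumed load balancer
        "honest client via load balancer":
            ("10.0.0.5", {"X-Forwarded-For": "198.51.100.7"}),
        "client pre-fills a fake hop, load balancer appends the real one":
            ("10.0.0.5", {"X-Forwarded-For": "1.2.3.4, 198.51.100.7"}),
        "client bypasses the load balancer and forges the header":
            ("198.51.100.7", {"X-Forwarded-For": "1.2.3.4"}),
    }
    for name, (peer, hdrs) in cases.items():
        print(f"{name}: naive={naive_client_ip(peer, hdrs)!r} "
              f"valve={resolve_client_ip(cfg, peer, hdrs)['client']!r}")
```

In the second and third cases the unconditional read yields the forged 1.2.3.4 while the valve reports 198.51.100.7, which is the difference the audit column now reflects. If the modelled walk still lets a forged address through in your own run, the cause is usually an internalProxies pattern that matches more than the proxy tier, or a proxy that passes the client's header through instead of appending its own hop.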