diff --git a/applications/common/admin_log.py b/applications/common/admin_log.py
index 24a43734160b3c3c838f301c4a5310e74b099829..4bd719f72a93c5254c20999f1798ee595d708dc3 100644
--- a/applications/common/admin_log.py
+++ b/applications/common/admin_log.py
@@ -4,12 +4,19 @@ from applications.common.utils.validate import xss_escape
 from applications.extensions import db
 from applications.models import AdminLog
 
+def get_user_ip(request):
+    if request.headers.get('X-Forwarded-For'):
+        return request.headers['X-Forwarded-For']
+    elif request.headers.get('X-Real-IP'):
+        return request.headers.get('X-Real-IP')
+    else:
+        return request.remote_addr
 
 def login_log(request, uid, is_access):
     info = {
         'method': request.method,
         'url': request.path,
-        'ip': request.remote_addr,
+        'ip': get_user_ip(request),
         'user_agent': xss_escape(request.headers.get('User-Agent')),
         'desc': xss_escape(request.form.get('username')),
         'uid': uid,
@@ -35,7 +42,7 @@ def admin_log(request, is_access):
     info = {
         'method': request.method,
         'url': request.path,
-        'ip': request.remote_addr,
+        'ip': get_user_ip(request),
         'user_agent': xss_escape(request.headers.get('User-Agent')),
         'desc': xss_escape(str(dict(request.values))),
         'uid': current_user.id,