diff --git a/conf/nginx.conf b/conf/nginx.conf
index 234839e53..ef608a6d6 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -10,9 +10,11 @@ http {
     include rate-limiting.conf;
 
     server {
+        include proxy-protocol.conf;
+
         include server-base.conf;
 
-        listen 443 default;
+        listen 443 default proxy_protocol;
 
         ssl on;
         ssl_certificate ./stack/ssl.cert;
diff --git a/conf/proxy-protocol.conf b/conf/proxy-protocol.conf
new file mode 100644
index 000000000..650502409
--- /dev/null
+++ b/conf/proxy-protocol.conf
@@ -0,0 +1,8 @@
+# vim: ft=nginx
+
+set_real_ip_from 10.0.0.0/8
+real_ip_header proxy_protocol;
+log_format elb_pp '$proxy_protocol_addr - $remote_user [$time_local] '
+                  '"$request" $status $body_bytes_sent '
+                  '"$http_referer" "$http_user_agent"';
+access_log /var/log/nginx/nginx.access.log elb_pp;