Hi, I stumbled on that bug, and found that MOD_RPAF here https://github.com/gnif/mod_rpaf has a 0.8.4 version on which the apache 2.4 compatibility is assured,
I compiled it using libapache2-mod-rpaf source package, only replacing the mod_rpaf.c (and debian/rules to use mod_rpaf.c instead of 2.0.c) The difference is important, because with current Stretch package, we have - the right IP address (the one from X-Forwarded-For) in LOG FILES - BUT the wrong one on CGI processes such as PHP or others, where we have the real client IP (127.0.0.1 in my case) with rpaf 0.8.4 we have the right IP address everywhere. Could you please package the upstream in debian ? People advising us to use remoteip, I don't see it in debian : https://packages.debian.org/search?keywords=libapache2-mod-remoteip thanks, Benjamin Sonntag
