diff --git a/13/umbraco-cms/reference/security/api-rate-limiting.md b/13/umbraco-cms/reference/security/api-rate-limiting.md
index bcb5d1d94e0..56124c7d3af 100644
--- a/13/umbraco-cms/reference/security/api-rate-limiting.md
+++ b/13/umbraco-cms/reference/security/api-rate-limiting.md
@@ -255,4 +255,8 @@ public class ApiRateLimiterComposer : IComposer
     }
 }
 ```
-{% endcode %}
\ No newline at end of file
+{% endcode %}
+
+{% hint style="info" %}
+When Umbraco runs behind a WAF or reverse proxy, rate-limiting may fail if the client IP address is not forwarded correctly. Configure your proxy or WAF to send the original client IP using headers like X-Forwarded-For. This will prevent all requests appearing to come from one IP address which would cause incorrect rate-limit enforcement.
+{% endhint %}
\ No newline at end of file
diff --git a/16/umbraco-cms/reference/security/api-rate-limiting.md b/16/umbraco-cms/reference/security/api-rate-limiting.md
index bcb5d1d94e0..56124c7d3af 100644
--- a/16/umbraco-cms/reference/security/api-rate-limiting.md
+++ b/16/umbraco-cms/reference/security/api-rate-limiting.md
@@ -255,4 +255,8 @@ public class ApiRateLimiterComposer : IComposer
     }
 }
 ```
-{% endcode %}
\ No newline at end of file
+{% endcode %}
+
+{% hint style="info" %}
+When Umbraco runs behind a WAF or reverse proxy, rate-limiting may fail if the client IP address is not forwarded correctly. Configure your proxy or WAF to send the original client IP using headers like X-Forwarded-For. This will prevent all requests appearing to come from one IP address which would cause incorrect rate-limit enforcement.
+{% endhint %}
\ No newline at end of file
diff --git a/17/umbraco-cms/reference/security/api-rate-limiting.md b/17/umbraco-cms/reference/security/api-rate-limiting.md
index bcb5d1d94e0..56124c7d3af 100644
--- a/17/umbraco-cms/reference/security/api-rate-limiting.md
+++ b/17/umbraco-cms/reference/security/api-rate-limiting.md
@@ -255,4 +255,8 @@ public class ApiRateLimiterComposer : IComposer
     }
 }
 ```
-{% endcode %}
\ No newline at end of file
+{% endcode %}
+
+{% hint style="info" %}
+When Umbraco runs behind a WAF or reverse proxy, rate-limiting may fail if the client IP address is not forwarded correctly. Configure your proxy or WAF to send the original client IP using headers like X-Forwarded-For. This will prevent all requests appearing to come from one IP address which would cause incorrect rate-limit enforcement.
+{% endhint %}
\ No newline at end of file