diff --git a/util/net.go b/util/net.go
index 7f1152b77..6997f7035 100644
--- a/util/net.go
+++ b/util/net.go
@@ -2,6 +2,7 @@ package util
 
 import (
 	"net"
+	"net/http"
 	"strings"
 )
 
@@ -34,3 +35,15 @@ func IsPrivateNetwork(remoteAddr string) bool {
 
 	return false
 }
+
+// GetRequestIPStr get IP string from request
+func GetRequestIPStr(r *http.Request) (addr string) {
+	addr = "Remote: " + r.RemoteAddr
+	if r.Header.Get("X-Real-IP") != "" {
+		addr = addr + " ,Real-IP: " + r.Header.Get("X-Real-IP")
+	}
+	if r.Header.Get("X-Forwarded-For") != "" {
+		addr = addr + " ,Forwarded-For: " + r.Header.Get("X-Forwarded-For")
+	}
+	return addr
+}
diff --git a/util/net_test.go b/util/net_test.go
index bd21d71eb..db031b1dc 100644
--- a/util/net_test.go
+++ b/util/net_test.go
@@ -1,6 +1,7 @@
 package util
 
 import (
+	"net/http"
 	"testing"
 )
 
@@ -31,3 +32,13 @@ func TestIsPrivateNetwork(t *testing.T) {
 
 	}
 }
+
+// test get request IP string from request
+func TestGetRequestIPStr(t *testing.T) {
+	req := http.Request{RemoteAddr: "192.168.1.1", Header: http.Header{}}
+	req.Header.Set("X-Real-IP", "10.0.0.1")
+	req.Header.Set("X-Forwarded-For", "10.0.0.2")
+	if GetRequestIPStr(&req) != "Remote: 192.168.1.1 ,Real-IP: 10.0.0.1 ,Forwarded-For: 10.0.0.2" {
+		t.Errorf("GetRequestIPStr failed")
+	}
+}
diff --git a/web/basic_auth.go b/web/basic_auth.go
index 5f361cc67..5ad6feb08 100644
--- a/web/basic_auth.go
+++ b/web/basic_auth.go
@@ -30,7 +30,7 @@ func BasicAuth(f ViewFunc) ViewFunc {
 		if err != nil && time.Now().Unix()-startTime > 2*24*60*60 &&
 			(!util.IsPrivateNetwork(r.RemoteAddr) || !util.IsPrivateNetwork(r.Host)) {
 			w.WriteHeader(http.StatusForbidden)
-			log.Printf("配置文件为空, 超过2天禁止从公网访问。RemoteAddr: %s\n", r.RemoteAddr)
+			log.Printf("%q 配置文件为空, 超过2天禁止从公网访问。\n", util.GetRequestIPStr(r))
 			return
 		}
 
@@ -38,7 +38,7 @@ func BasicAuth(f ViewFunc) ViewFunc {
 		if conf.NotAllowWanAccess {
 			if !util.IsPrivateNetwork(r.RemoteAddr) || !util.IsPrivateNetwork(r.Host) {
 				w.WriteHeader(http.StatusForbidden)
-				log.Printf("%s 被禁止从公网访问\n", r.RemoteAddr)
+				log.Printf("%q 禁止从公网访问!\n", util.GetRequestIPStr(r))
 				return
 			}
 		}
@@ -51,7 +51,7 @@ func BasicAuth(f ViewFunc) ViewFunc {
 		}
 
 		if ld.FailTimes >= 5 {
-			log.Printf("%s 登陆失败超过5次! 并延时5分钟响应\n", r.RemoteAddr)
+			log.Printf("%q 登陆失败超过5次! 并延时5分钟响应!\n", util.GetRequestIPStr(r))
 			time.Sleep(5 * time.Minute)
 			if ld.FailTimes >= 5 {
 				ld.FailTimes = 0
@@ -84,7 +84,7 @@ func BasicAuth(f ViewFunc) ViewFunc {
 			}
 
 			ld.FailTimes = ld.FailTimes + 1
-			log.Printf("%s 登陆失败!\n", r.RemoteAddr)
+			log.Printf("%q 登陆失败!\n", util.GetRequestIPStr(r))
 		}
 
 		// 认证失败，提示 401 Unauthorized
@@ -92,6 +92,6 @@ func BasicAuth(f ViewFunc) ViewFunc {
 		w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
 		// 401 状态码
 		w.WriteHeader(http.StatusUnauthorized)
-		log.Printf("%s 请求登陆!\n", r.RemoteAddr)
+		log.Printf("%q 请求登陆!\n", util.GetRequestIPStr(r))
 	}
 }