diff --git a/services/get-user.js b/services/get-user.js
index 61c85624..b9c9e457 100644
--- a/services/get-user.js
+++ b/services/get-user.js
@@ -2,8 +2,12 @@ module.exports = (config, req) => {
   try {
     if ( config.appConfig.auth.enableHeaderAuth ) {
       const userHeader = config.appConfig.auth.headerAuth.userHeader;
-      return { "success": true, "user": req.headers[userHeader.toLowerCase()] };
+      const proxyWhitelist = config.appConfig.auth.headerAuth.proxyWhitelist;
+      if ( proxyWhitelist.includes(req.socket.remoteAddress) ) {
+        return { "success": true, "user": req.headers[userHeader.toLowerCase()] };
+      }
     }
+    return {};
   } catch (e) {
     console.warn("Error get-user: ", e);
     return { 'success': false };