diff --git a/README.rst b/README.rst
index a4f454a..f9e4447 100644
--- a/README.rst
+++ b/README.rst
@@ -85,6 +85,11 @@ Installs and enables the mod_fcgid module
 Enables the Apache module vhost_alias (Debian Only)
+``apache.mod_remoteip``
+----------------------
+
+Enables and configures the Apache module mod_remoteip using data from Pillar. (Debian Only)
+
 ``apache.vhosts.standard``
 --------------------------
diff --git a/apache/files/Debian/conf-available/remoteip.conf.jinja b/apache/files/Debian/conf-available/remoteip.conf.jinja
new file mode 100644
index 0000000..4a0e45a
--- /dev/null
+++ b/apache/files/Debian/conf-available/remoteip.conf.jinja
@@ -0,0 +1,4 @@
+RemoteIPHeader {{ salt['pillar.get']('apache:mod_remoteip:RemoteIPHeader', 'X-Forwarded-For') }}
+{%- for trusted_proxy in salt['pillar.get']('apache:mod_remoteip:RemoteIPTrustedProxy', []) %}
+RemoteIPTrustedProxy {{ trusted_proxy }}
+{%- endfor %}
diff --git a/apache/mod_remoteip.sls b/apache/mod_remoteip.sls
new file mode 100644
index 0000000..87fae3e
--- /dev/null
+++ b/apache/mod_remoteip.sls
@@ -0,0 +1,25 @@
+{% if grains['os_family']=="Debian" %}
+
+include:
+ - apache
+
+a2enmod remoteip:
+ cmd.run:
+ - unless: ls /etc/apache2/mods-enabled/remoteip.load
+ - order: 255
+ - require:
+ - pkg: apache
+ - watch_in:
+ - module: apache-restart
+
+/etc/apache2/conf-available/remoteip.conf:
+ file.managed:
+ - template: jinja
+ - source:
+ - salt://apache/files/{{ salt['grains.get']('os_family') }}/conf-available/remoteip.conf.jinja
+ - require:
+ - pkg: apache
+ - watch_in:
+ - service: apache
+
+{% endif %}
diff --git a/pillar.example b/pillar.example
index 0ddc9a0..6a69b0d 100644
--- a/pillar.example
+++ b/pillar.example
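Review bot: When the `apache:mod_remoteip:RemoteIPTrustedProxy` pillar key is missing, the loop in remoteip.conf.jinja emits nothing, yet the file still sets `RemoteIPHeader X-Forwarded-For` with no trust list. The mod_remoteip documentation says that without RemoteIPTrustedProxy or RemoteIPInternalProxy the module trusts every host presenting a non-internal address in that header, so logged client addresses and any `Require ip` rules would rest on a client-supplied value. I would read the list once, `{%- set proxies = salt['pillar.get']('apache:mod_remoteip:RemoteIPTrustedProxy', []) %}`, and wrap the `RemoteIPHeader` line in `{% if proxies %}` … `{% endif %}` so an empty pillar renders an inert file. A short Jinja comment at the top naming the two pillar keys the template reads would also help.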
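Review bot: Nothing in mod_remoteip.sls enables the file it writes to `/etc/apache2/conf-available/remoteip.conf`. On Debian a conf-available file only takes effect once it is linked into conf-enabled, so unless another state outside this diff does that, the module is loaded with no RemoteIPHeader configured and requests keep the proxy address. I would add a state that runs `a2enconf remoteip` after the file is managed, written in the same `cmd.run`/`unless` style as the `a2enmod` state.

```yaml
# … unchanged: a2enmod remoteip and the file.managed state for remoteip.conf …

a2enconf remoteip:
  cmd.run:
    - unless: ls /etc/apache2/conf-enabled/remoteip.conf
    - require:
      - file: /etc/apache2/conf-available/remoteip.conf
    - watch_in:
      - service: apache
```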
@@ -120,3 +120,10 @@ apache:
 # can be Full | OS | Minimal | Minor | Major | Prod
 # where Full conveys the most information, and Prod the least.
 ServerTokens: Prod
+
+ # ``apache.mod_remoteip`` formula additional configuration:
+ mod_remoteip:
+ RemoteIPHeader: X-Forwarded-For
+ RemoteIPTrustedProxy:
+ - 10.0.8.0/24
+ - 127.0.0.1
\ No newline at end of file
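Review bot: The example block does not tell the reader that every address under `RemoteIPTrustedProxy` is trusted to state the client IP, nor that the template falls back to an empty list when the key is left out. A comment above the list, such as `# Only list proxies you operate: these hosts are trusted to report the client address in RemoteIPHeader.`, would make that clear to people copying the example. Per the mod_remoteip documentation, private-range client addresses reported by a RemoteIPTrustedProxy host are not accepted; that case needs RemoteIPInternalProxy, which this formula does not expose, and the example could say so.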