I needed to put Cloudflare in front of Caddy and realized that the X-Forwarded-For header became less trustworthy since Cloudflare will pass along the value from the original request.
This is how I cleaned up the header without messing with Cloudflare rules.