diff --git a/Docker.md b/Docker.md
index 56c8f79..e8ddc36 100644
--- a/Docker.md
+++ b/Docker.md
@@ -95,6 +95,11 @@ Port mappings you might need:
  *  `-p 5443:5443/tcp -p 5443:5443/udp`: add if you are going to run AdGuard
     Home as a [DNSCrypt] server.
 
+   ###  Client IPs
+
+If you want AdGuardHome to see the original client IPs as opposed to something
+like `172.17.0.1`, you should add `--network host` to the list of options.
+
    ###  Control the container
 
  *  Start: `docker start adguardhome`
diff --git a/Encryption.md b/Encryption.md
index 0a40f30..a9be85d 100644
--- a/Encryption.md
+++ b/Encryption.md
@@ -179,15 +179,20 @@ Home will receive and interpret the value of this header as real client's
 address.  The address of the reverse proxy server will be received too and also
 checked against the "trusted" proxies list.
 
+Another header you might want to proxy is the `Host` header, which is required
+to make AdGuard Home recognize requests from clients that have a ClientID in
+their hostnames.
+
 For example, if the configuration of the reverse proxy server contains the
 following directives:
 
 ```none
 location /dns-query {
-   ...
+   # …
+   proxy_set_header Host $host;
    proxy_set_header X-Real-IP '1.2.3.4';
    proxy_bind 192.168.1.2;
-   ...
+   # …
 }
 ```
 
diff --git a/FAQ.md b/FAQ.md
index e40448d..90ea81f 100644
--- a/FAQ.md
+++ b/FAQ.md
@@ -348,9 +348,10 @@ configuration for your web server:
 
 ```none
 location /aghome/ {
+    proxy_cookie_path / /aghome/;
     proxy_pass http://AGH_IP:AGH_PORT/;
     proxy_redirect / /aghome/;
-    proxy_cookie_path / /aghome/;
+    proxy_set_header Host $host;
 }
 ```