diff --git a/src/auditsource.js b/src/auditsource.js
index 40eb59b7a..97027e654 100644
--- a/src/auditsource.js
+++ b/src/auditsource.js
@@ -8,7 +8,7 @@ class AuditSource {
     }
 
     static fromRequest(req) {
-        const ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null;
+        const ip = req.headers['x-forwarded-for'] || req.socket.remoteAddress || null;
         return new AuditSource(req.user?.username, req.user?.id, ip);
     }
 
@@ -18,7 +18,7 @@ class AuditSource {
     }
 
     static fromOidcRequest(req) {
-        const ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null;
+        const ip = req.headers['x-forwarded-for'] || req.socket.remoteAddress || null;
         return new AuditSource('oidc', req.body?.username, ip);
     }
 }
diff --git a/src/dockerproxy.js b/src/dockerproxy.js
index f70db6e6c..f76adf2ea 100644
--- a/src/dockerproxy.js
+++ b/src/dockerproxy.js
@@ -29,7 +29,7 @@ async function authorizeApp(req, res, next) {
         return next();
     }
 
-    const [error, app] = await safe(apps.getByIpAddress(req.connection.remoteAddress));
+    const [error, app] = await safe(apps.getByIpAddress(req.socket.remoteAddress));
     if (error) return next(new HttpError(500, error));
     if (!app) return next(new HttpError(401, 'Unauthorized'));
     if (!app.manifest.addons?.docker) return next(new HttpError(401, 'Unauthorized'));
diff --git a/src/oidc.js b/src/oidc.js
index 275d2239c..93548fb49 100644
--- a/src/oidc.js
+++ b/src/oidc.js
@@ -545,7 +545,7 @@ function interactionLogin(provider) {
             return next(new HttpError(400, detailsError));
         }
 
-        const ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null;
+        const ip = req.headers['x-forwarded-for'] || req.socket.remoteAddress || null;
         const userAgent = req.headers['user-agent'] || '';
         const clientId = details.params.client_id;
 
@@ -615,7 +615,7 @@ function interactionConfirm(provider) {
     return async function (req, res, next) {
         async function raiseLoginEvent(user, clientId) {
             try {
-                const ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null;
+                const ip = req.headers['x-forwarded-for'] || req.socket.remoteAddress || null;
                 const userAgent = req.headers['user-agent'] || '';
                 const auditSource = AuditSource.fromOidcRequest(req);
 
diff --git a/src/routes/auth.js b/src/routes/auth.js
index 7dc4f27fb..e89cbc23d 100644
--- a/src/routes/auth.js
+++ b/src/routes/auth.js
@@ -30,7 +30,7 @@ async function login(req, res, next) {
     if ('type' in req.body && typeof req.body.type !== 'string') return next(new HttpError(400, 'type must be a string'));
 
     const type = req.body.type || tokens.ID_WEBADMIN;
-    const ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null;
+    const ip = req.headers['x-forwarded-for'] || req.socket.remoteAddress || null;
     const userAgent = req.headers['user-agent'] || '';
 
     const tokenTypeError = tokens.validateTokenType(type);
diff --git a/src/routes/provision.js b/src/routes/provision.js
index d2a896416..156d0a75d 100644
--- a/src/routes/provision.js
+++ b/src/routes/provision.js
@@ -109,7 +109,7 @@ async function activate(req, res, next) {
     const { username, password, email } = req.body;
     const displayName = req.body.displayName || '';
 
-    const ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
+    const ip = req.headers['x-forwarded-for'] || req.socket.remoteAddress;
 
     const [error, info] = await safe(provision.activate(username, password, email, displayName, ip, AuditSource.fromRequest(req)));
     if (error) return next(BoxError.toHttpError(error));