diff --git a/http/http.go b/http/http.go
index 2119942..b4130f6 100644
--- a/http/http.go
+++ b/http/http.go
@@ -49,12 +49,11 @@ func New(db geo.Reader) *Server {
 }
 
 func ipFromForwardedForHeader(v string) string {
-	// Handle both comma and comma+space separator
-	ips := strings.Fields(strings.Replace(v, ",", " ", -1))
-	if len(ips) == 0 {
-		return ""
+	sep := strings.Index(v, ",")
+	if sep == -1 {
+		return v
 	}
-	return ips[0]
+	return v[:sep]
 }
 
 func ipFromRequest(headers []string, r *http.Request) (net.IP, error) {
diff --git a/http/http_test.go b/http/http_test.go
index 4c67bae..0849019 100644
--- a/http/http_test.go
+++ b/http/http_test.go
@@ -163,6 +163,7 @@ func TestIPFromRequest(t *testing.T) {
 		{"127.0.0.1:9999", "X-Forwarded-For", "1.3.3.7", []string{"X-Real-IP", "X-Forwarded-For"}, "1.3.3.7"}, // Second trusted header matches
 		{"127.0.0.1:9999", "X-Forwarded-For", "1.3.3.7,4.2.4.2", []string{"X-Forwarded-For"}, "1.3.3.7"},      // X-Forwarded-For with multiple entries (commas separator)
 		{"127.0.0.1:9999", "X-Forwarded-For", "1.3.3.7, 4.2.4.2", []string{"X-Forwarded-For"}, "1.3.3.7"},     // X-Forwarded-For with multiple entries (space+comma separator)
+		{"127.0.0.1:9999", "X-Forwarded-For", "", []string{"X-Forwarded-For"}, "127.0.0.1"},                   // Empty header
 	}
 	for _, tt := range tests {
 		r := &http.Request{