diff --git a/docs/installation/config.rst b/docs/installation/config.rst
index ae1d0d80..211826a9 100644
--- a/docs/installation/config.rst
+++ b/docs/installation/config.rst
@@ -90,6 +90,11 @@ Other settings
 * ``TWO_FACTOR_PATCH_ADMIN``: Whether to use the 2 Factor Authentication login flow for the admin or not. Default ``True``. You'll probably want to disable this when using OIDC.
+* ``USE_X_FORWARDED_HOST``: whether to grab the domain/host from the ``X-Forwarded-Host``
+ header or not. This header is typically set by reverse proxies (such as nginx,
+ traefik, Apache...). Default ``False`` - this is a header that can be spoofed and you
+ need to ensure you control it before enabling this.
+
 Initial superuser creation
 --------------------------
diff --git a/src/objects/conf/base.py b/src/objects/conf/base.py
index fce6fdcd..d77e8afb 100644
--- a/src/objects/conf/base.py
+++ b/src/objects/conf/base.py
@@ -33,6 +33,7 @@ IS_HTTPS = config("IS_HTTPS", not DEBUG)
 ALLOWED_HOSTS = config("ALLOWED_HOSTS", default="", split=True)
+USE_X_FORWARDED_HOST = config("USE_X_FORWARDED_HOST", default=False)
 DATABASES = {
 "default": {
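Review bot: The added `USE_X_FORWARDED_HOST` line in base.py has no comment stating its trust requirement, so anyone reading only the settings module misses the spoofing warning that the docs hunk gives. I would put `# Enable only behind a reverse proxy that sets or strips X-Forwarded-Host; ALLOWED_HOSTS remains the only check on the resulting host.` directly above it. Because `ALLOWED_HOSTS` on the preceding line is also read from the environment, a wildcard value there combined with this flag would leave a client-supplied host unvalidated wherever the request host is used to build URLs; a startup check or warning for that combination may be worth adding. The line also assumes the project's `config` helper casts the environment string to a bool from the type of `default`; the helper is outside the hunk, so confirm that the literal string `False` is not returned as a truthy value.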