diff --git a/apps/terminal/api.py b/apps/terminal/api.py
index 810a19496..87311d5b2 100644
--- a/apps/terminal/api.py
+++ b/apps/terminal/api.py
@@ -141,7 +141,9 @@ class StatusViewSet(viewsets.ModelViewSet):
             session = serializer.save()
             return session
         else:
-            msg = "session data is not valid {}".format(serializer.errors)
+            msg = "session data is not valid {}: {}".format(
+                serializer.errors, str(serializer.data)
+            )
             logger.error(msg)
             return None
 
diff --git a/apps/users/api.py b/apps/users/api.py
index 8dbaf8b9a..05193d03c 100644
--- a/apps/users/api.py
+++ b/apps/users/api.py
@@ -128,7 +128,11 @@ class UserAuthApi(APIView):
         user_agent = request.data.get('HTTP_USER_AGENT', '')
 
         if not login_ip:
-            login_ip = request.META.get('HTTP_X_FORWARDED_FOR') or request.META.get("REMOTE_ADDR")
+            x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR').split()
+            if x_forwarded_for:
+                login_ip = x_forwarded_for[0]
+            else:
+                login_ip = request.META.get("REMOTE_ADDR")
 
         user, msg = check_user_valid(
             username=username, password=password,
diff --git a/apps/users/utils.py b/apps/users/utils.py
index 685bf31d6..68840f955 100644
--- a/apps/users/utils.py
+++ b/apps/users/utils.py
@@ -180,8 +180,9 @@ def validate_ip(ip):
 
 def write_login_log(username, type='', ip='', user_agent=''):
     if not (ip and validate_ip(ip)):
-        ip = '0.0.0.0'
-    city = get_ip_city(ip)
+        city = "Unknown"
+    else:
+        city = get_ip_city(ip)
     LoginLog.objects.create(
         username=username, type=type,
         ip=ip, city=city, user_agent=user_agent
diff --git a/apps/users/views/login.py b/apps/users/views/login.py
index a5b78cc73..83d0fd891 100644
--- a/apps/users/views/login.py
+++ b/apps/users/views/login.py
@@ -53,8 +53,11 @@ class UserLoginView(FormView):
         if not self.request.session.test_cookie_worked():
             return HttpResponse(_("Please enable cookies and try again."))
         auth_login(self.request, form.get_user())
-        login_ip = self.request.META.get('HTTP_X_FORWARDED_FOR') or \
-                   self.request.META.get('REMOTE_ADDR', '')
+        x_forwarded_for = self.request.META.get('HTTP_X_FORWARDED_FOR', '').split()
+        if x_forwarded_for:
+            login_ip = x_forwarded_for[0]
+        else:
+            login_ip = self.request.META.get('REMOTE_ADDR', '')
         user_agent = self.request.META.get('HTTP_USER_AGENT', '')
         write_login_log_async.delay(
             self.request.user.username, type='W',