Revert log level severity for unknown proxy in ForwardedHeadersMiddleware

[BrennanConroy]

Revert logging severity in ForwardedHeaders middleware

Description

As part of strengthening our security posture in the ForwardedHeaders middleware we increased the severity of a log from Debug to Warning hoping to give consumers a more obvious signal that unexpected requests were hitting their application.

Unfortunately, that change doesn't have the intended effect as it's not uncommon to receive valid requests that have unknown IP addresses in the forwarded headers. e.g. In a proxy scenario where the proxy isn't hosted in a well-defined IP range, or a request goes through many proxy layers and the application is only aware of the last layer, etc.

Customer Impact

Customers are receiving lots of Warning logs, which may trigger telemetry checks, unexpectedly increase log storage size, etc.

Regression?

• Yes
• No

Change was intended as a signal that unexpected requests were being received, which isn't really accurate in real apps.

Risk

• High
• Medium
• Low

Just changing a log level to what it was before.

Verification

• Manual (required)
• Automated

Packaging changes reviewed?

• Yes
• No
• N/A

[Copilot]

Pull Request Overview

This PR reverts the logging severity for unknown proxy IP addresses in ForwardedHeadersMiddleware from Warning back to Debug. The change addresses customer complaints about excessive warning logs that were being generated by legitimate traffic patterns, such as requests from proxies with dynamic IPs or multi-layer proxy scenarios where only the last layer is known to the application.

Key Changes

• Reduced log severity from Warning to Debug for unknown proxy IP addresses
• Reverts a previous security-focused change that had unintended consequences in production