How to Sanitize user IP?

If the IP value returned from your server has a special character,
you can use:wp_statistics_sanitize_user_ipfilter in your WordPress for getting real user IP from your $_SERVER.

For example:
If your $_SERVER: 192.000.000.1, 192.000.000.2, 192.000.000.3
And your real IP is: 192.000.000.1
You can use a final filter like this:

add_filter( 'wp_statistics_sanitize_user_ip', 'sanitize_user_ip' );
function sanitize_user_ip( $user_ip ) {
    $ip_list = explode( ",", $user_ip );
    $user_ip = trim( $ip_list[0] );

    return $user_ip;
}

Or if your $_SERVER: for=192.000.000.1;proto=http;host=site.com
And your real IP is: 192.000.000.1
Use this one:

add_filter( 'wp_statistics_sanitize_user_ip', 'sanitize_user_ip' );
function sanitize_user_ip( $user_ip ) {
    $regex = '/(?<=for=).*?(?=;)/';
    preg_match( $regex, $user_ip, $ip );
    $user_ip = $ip[0];

    return $user_ip;
}

You can add each code on top of your activate theme functions.php.