diff --git a/manifests/config/apache.pp b/manifests/config/apache.pp
index 56f5059bc..8b6a861db 100644
--- a/manifests/config/apache.pp
+++ b/manifests/config/apache.pp
@@ -119,10 +119,23 @@
   String[1] $keycloak_app_name = 'foreman-openidc',
   String[1] $keycloak_realm = 'ssl-realm',
   Array[String[1]] $request_headers_to_unset = [
+    'REMOTE-USER',
     'REMOTE_USER',
+    'REMOTE-USER-EMAIL',
+    'REMOTE-USER_EMAIL',
+    'REMOTE_USER-EMAIL',
     'REMOTE_USER_EMAIL',
+    'REMOTE-USER-FIRSTNAME',
+    'REMOTE-USER_FIRSTNAME',
+    'REMOTE_USER-FIRSTNAME',
     'REMOTE_USER_FIRSTNAME',
+    'REMOTE-USER-LASTNAME',
+    'REMOTE-USER_LASTNAME',
+    'REMOTE_USER-LASTNAME',
     'REMOTE_USER_LASTNAME',
+    'REMOTE-USER-GROUPS',
+    'REMOTE-USER_GROUPS',
+    'REMOTE_USER-GROUPS',
     'REMOTE_USER_GROUPS',
   ],
 ) {
diff --git a/spec/classes/foreman_config_apache_spec.rb b/spec/classes/foreman_config_apache_spec.rb
index 0131b4396..de5bd7fa2 100644
--- a/spec/classes/foreman_config_apache_spec.rb
+++ b/spec/classes/foreman_config_apache_spec.rb
@@ -56,10 +56,23 @@
             'set SSL_CLIENT_S_DN ""',
             'set SSL_CLIENT_CERT ""',
             'set SSL_CLIENT_VERIFY ""',
+            'unset REMOTE-USER',
             'unset REMOTE_USER',
+            'unset REMOTE-USER-EMAIL',
+            'unset REMOTE-USER_EMAIL',
+            'unset REMOTE_USER-EMAIL',
             'unset REMOTE_USER_EMAIL',
+            'unset REMOTE-USER-FIRSTNAME',
+            'unset REMOTE-USER_FIRSTNAME',
+            'unset REMOTE_USER-FIRSTNAME',
             'unset REMOTE_USER_FIRSTNAME',
+            'unset REMOTE-USER-LASTNAME',
+            'unset REMOTE-USER_LASTNAME',
+            'unset REMOTE_USER-LASTNAME',
             'unset REMOTE_USER_LASTNAME',
+            'unset REMOTE-USER-GROUPS',
+            'unset REMOTE-USER_GROUPS',
+            'unset REMOTE_USER-GROUPS',
             'unset REMOTE_USER_GROUPS'
           ])
           .with_proxy_pass(
@@ -192,10 +205,23 @@ class { 'apache':
               'set SSL_CLIENT_S_DN "%{SSL_CLIENT_S_DN}s"',
               'set SSL_CLIENT_CERT "%{SSL_CLIENT_CERT}s"',
               'set SSL_CLIENT_VERIFY "%{SSL_CLIENT_VERIFY}s"',
+              'unset REMOTE-USER',
               'unset REMOTE_USER',
+              'unset REMOTE-USER-EMAIL',
+              'unset REMOTE-USER_EMAIL',
+              'unset REMOTE_USER-EMAIL',
               'unset REMOTE_USER_EMAIL',
+              'unset REMOTE-USER-FIRSTNAME',
+              'unset REMOTE-USER_FIRSTNAME',
+              'unset REMOTE_USER-FIRSTNAME',
               'unset REMOTE_USER_FIRSTNAME',
+              'unset REMOTE-USER-LASTNAME',
+              'unset REMOTE-USER_LASTNAME',
+              'unset REMOTE_USER-LASTNAME',
               'unset REMOTE_USER_LASTNAME',
+              'unset REMOTE-USER-GROUPS',
+              'unset REMOTE-USER_GROUPS',
+              'unset REMOTE_USER-GROUPS',
               'unset REMOTE_USER_GROUPS'
             ])
             .with_ssl_proxyengine(true)