Same LAN for WAF and applications?

Dear All,

This is what I read on the internet:

SafeLine must be installed on the same server as your website to monitor and protect its traffic effectively. If your WAF is on server A, it can’t protect sites on server B unless both are within the same local network.

[Source] (https://medium.com/@lulu.liu12345/comprehensive-guide-to-installing-configuring-and-testing-safeline-waf-ec0914884a36)

I have not found this requirement in the official docs...can you please confirm or disprove it?

Many thanks in advance!

No need. On the contrary, most people recommend deploying the WAF and the origin server on different servers, which makes configuration easier and prevents the server from being instantly overwhelmed during heavy attacks. If deployed on a single server, you'd also have to deal with port conflicts between the origin server and the WAF. As for your concern that deploying on two servers won't protect the site, simply configure the origin server's firewall to allow access only from the WAF server's IP address.