This article shows the configuration to protect a server from attacks from countries the user has no business with.
First, create an address object:
Go to Policy&Object -> addresses and then select 'create' and 'new address'
If there is a there is even 1 VIP policy on the FortiGate then this policy will not work as expected. To make this work ensure that in the policy itself add a command to match it to the VIP or add the destination as all The VIPs you have in the destination instead of 'all'.
config firewall policy
edit <policy-id> <----- Here the policy policy ID would be of the "Block Geoloction Traffic" as seen in the screenshot above.set match-vip enable