How to block traffic from specific countries using CloudFlare

If for any reason you want to block visitors from any country, the solution is extremely simple!

First, enable the IP Geolocation in CloudFlare

IP Geolocation card in Network app, Cloudflare dashboard.

And then everything can be done from .htaccess file, via apache server:

# Block countries - IP Geolocation
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP:CF-IPCountry} ^(CN|IR|PK|TH|BD)$
RewriteRule ^ - [F,L]
</IfModule>

The country code list can be find from the below link:
http://www.ip2country.net/ip2country/country_code.html

Fortinet SSL VPN connection logout after 8 hours

By default, a SSL VPN connection logouts after 8 hours. Which will cause some user disconnected while continuously working from home for more than 8 hours.

config vpn ssl settings

set idle-timeout 300

The idle-timeout is period of time in seconds that the SSL VPN will wait before timing out.
Default value is 300 seconds (5 minutes). Range: <0> to <259200>.


set auth-timeout 28800
The auth-timeout is period of time in seconds that the SSL VPN will wait before re-authentication is enforced.
Default value is 28800 seconds (8 hours). Range: <0> to <259200>

A value of 0 indicates no timeout.

Changes as above or changing tunnel/web mode will not impact the environment.

However, be aware:
Once a SSL VPN client is connected, a change to firewall address objects or IP pools under SSL VPN settings in a production environment will tear down all the active SSL VPN connections regardless of the above timeout.

Azure Solutions Architect Expert

Starting from June I have started to take Azure examination from Fundamentals, Associate and finally I have successfully achieved my Azure Solutions Architect Expert certification!

These are the examination path I took –
1. Microsoft Certified: Azure Fundamentals (AZ-900)
2. Microsoft Certified: Azure Administrator Associate (AZ-104)
3. Microsoft Certified: Azure Security Engineer Associate (AZ-500)
4. Microsoft Azure Architect Technologies (AZ-300) + Microsoft Azure Architect Design (AZ-301) = Microsoft Certified: Azure Solutions Architect Expert

Microsoft have their certifications aligned in three levels:

  1. Fundamentals – entry-level covering basic concepts
  2. Associate – more technical, mid-level
  3. Expert – aimed at experienced professionals

As you can see, if you are aiming to obtain an Expert certification, it’s highly recommended that you have had significant Azure experience. This can be demonstrated by obtaining the Associate level exam, however, it’s not a prerequisite to obtain an Associate exam prior to taking the Azure Solutions Architect Expert exams. For sure, without exposure to Azure, this will be a difficult certification to achieve.