Terms and Conditions

Last updated: December 8, 2020

Please read these Terms of Use (“Terms”, “Terms of Use”) carefully before using the https://www.discoversouthafrica.info website (the “Service”) operated by Discover South Africa (“us”, “we”, or “our”).

Your access to and use of the Service is conditioned on your acceptance of and compliance with these Terms. These Terms apply to all visitors, users and others who access or use the Service.

By accessing or using the Service you agree to be bound by these Terms. If you disagree with any part of the terms then you may not access the Service.

Accounts

When you create an account with us, you must provide us information that is accurate, complete, and current at all times. Failure to do so constitutes a breach of the Terms, which may result in immediate termination of your account on our Service.

You are responsible for safeguarding the password that you use to access the Service and for any activities or actions under your password, whether your password is with our Service or a third-party service.

You agree not to disclose your password to any third party. You must notify us immediately upon becoming aware of any breach of security or unauthorized use of your account.

Intellectual Property

The Service and its original content, features and functionality are and will remain the exclusive property of Discover South Africa and its licensors.

Links To Other Web Sites

Our Service may contain links to third-party web sites or services that are not owned or controlled by Discover South Africa.

Discover South Africa has no control over, and assumes no responsibility for, the content, privacy policies, or practices of any third party web sites or services. You further acknowledge and agree that Discover South Africa shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods or services available on or through any such web sites or services.

We strongly advise you to read the terms and conditions and privacy policies of any third-party web sites or services that you visit.

Termination

We may terminate or suspend access to our Service immediately, without prior notice or liability, for any reason whatsoever, including without limitation if you breach the Terms.

All provisions of the Terms which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.

We may terminate or suspend your account immediately, without prior notice or liability, for any reason whatsoever, including without limitation if you breach the Terms.

Upon termination, your right to use the Service will immediately cease. If you wish to terminate your account, you may simply discontinue using the Service.

All provisions of the Terms which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.

Online Chat

Discover South Africa permits users via their systems to communicate in writing with each other. However, hate speech, racist rhetoric, sexist or foul / offensive language will not be permitted. Furthermore, messages designed to incite violence or to radicalize people will not be allowed nor will references to illegal substances. Any user found not adhering to these rules will removed from the Discover South Africa platform.

Our Hosting Service Provider

Physical security

Location

Our hosting service provider houses their servers in data centres across three locations: Samrand (Gauteng), Cape Town and Germany.

The following applies specifically to their Samrand Data Centre, although similar standards and measures apply in their other data centre locations.

Their Data Centre Park in Samrand is their default hosting location. The facility is not in a direct flight path or low lying area and is centrally located between Johannesburg and Pretoria with a major power substation close by. A geotechnical audit has been done to ensure ground stability.

Surveillance

The Samrand data centre uses 45 internal and external surveillance cameras, as well as 10 perimeter cameras, which are strategically placed and monitored around the clock to ensure that all servers remain off-limits to anyone without security clearance. High-voltage security fences and a 24/7 security presence help to deter any opportunistic crimes.

Access control

Customers, employees and contractors our hosting service provider have varying levels of authorised access to different areas of their facility, controlled by high-tech biometric scanning systems, with 20 devices and pin-coded keypads. Colocation customers have 24/7 unattended access to their POD and a unique pin to each of their racks.

Fire prevention

The facility is custom-designed for low fire risk, with a Very Early Smoke Detection Apparatus (VESDA) installed to trigger alarms at even the slightest hint of smoke particles.

There are no flammable materials present in the ‘white space’ in the Data Centre and all cabling is fire-retardant.

Power outages

An 11kV power supply from the municipal power utility energises a fault-tolerant, medium-voltage ring that powers two separate low-voltage 2MVA energy centres. These A- and B feeds power mission-critical infrastructure such as IT load, air conditioning, security systems and emergency lighting. They provide seamless electrical failover with their own emergency backup power systems in the event of a power failure.

They have on-site fuel storage sufficient to run our generators for  7 days’ continuously. Our UPS’s provide always-on power, with battery standby time of 30 minutes.

Connectivity

Our hosting service providers network is multi-homed with multiple uplinks per data centre via at least two Tier 1 upstream providers and peering partners. Should a network failure occur, traffic is automatically rerouted via alternate uplinks, significantly increasing their network resilience.

Connectivity is provided through diverse, redundant fibre routes connecting the facility to a 10Gbps fibre ring.

Network security

Network level security consists of three main components:

  • DDoS mitigation
  • VLAN reverse path forwarding protection
  • Juniper firewall rules at the network edge and core

DDoS mitigation

A DDoS detection and mitigation system is deployed in both the Cape Town and Samrand data-centres. DDoS attack traffic is diverted to a filter/scrubbing server that can distinguish between valid and malicious traffic. Malicious traffic is scrubbed off while valid traffic is re-injected into the network. The victim IP is not affected during the DDoS attack. DDoS detection and mitigation is fully automated and traffic diversion occurs automatically.

Small DDoS attacks are scrubbed locally in the data-centre by the mitigation system. For larger attacks, traffic is diverted to an international DDoS mitigation provider which then sends the clear traffic on to South Africa.

VLAN Reverse path forwarding protection

Reverse path forwarding protection is enabled for all VLANs in our hosting service providers data centres. This policy ensures that only the subnets allocated to a VLAN can generate traffic for that VLAN. This helps to mitigate two kinds of malicious traffic:

  • Source-spoofed traffic where a host is sending out traffic for subnets that do not belong to the VLAN.
  • Inter-VLAN subnet spoofing, where a host in one VLAN uses IP addresses from another VLAN using source-spoofing.

Juniper firewall rules

Firewall rules on the data centre network edge and at the core are used to protect the network in a number of ways:

  • Rate-limiting of certain protocols to protect the network infrastructure.
  • Blocking of certain protocols and destination IP addresses to protect operating systems.
  • Restricting access to certain hosts and protocols to defined lists of source addresses.
  • Blocking of abusive IP addresses and hosts.

Monitoring

All servers managed by our hosting service provider are monitored 24/7 for all critical services and hardware health. Their reactive system administrators react to monitoring alerts as they are identified and escalate issues to data centre staff or platform engineers.

Platform security

Servers

All servers used to provide our hosting service providers managed hosting service, both for shared web hosting and dedicated managed servers are physical servers exclusively provisioned and managed by our hosting service provider.

Our hosting service providers self-managed servers are provisioned by our hosting service provider, while the software is maintained by the customer.

Servers are designed to provide redundancy and reliability, including multi-core, multi-CPU systems, ECC (Error-Correcting Code) memory modules to detect and correct data corruption in real time and enterprise grade storage that includes hard disk and solid state drives.

All data is stored on dedicated, robust RAID storage arrays providing data redundancy and integrity.

Additionally, their TruServ Commerce range of Self-Managed servers include a Battery Backup Unit (BBU) which protects and maintains the data on RAID cards.

Security response policy

All relevant security advisories are evaluated weekly. Our hosting service provider makes use of Debian Linux and trusts their security response to all CVEs.

Note: Debian is a slow moving distribution, which means that versioning misinterpretation regarding security vulnerabilities may occur when looking at the output of a typical automated security scan. Debian don’t upgrade major versions for any releases once they move into the stable release phase, but they do apply security patches. Therefore it may appear that the old stable release of Debian is running an insecure version of certain software packages e.g. OpenSSL (1.0.1t-1). However, once the Debian patch version is applied (1.0.1t-1+deb7u3), the vulnerability is addressed. This indicates the Debian maintainer’s ongoing commitment to patching security related issues on all supported versions of Debian.

Our hosting service provider is committed to updating all software to the latest stable versions within 7 days of their release, and within 24 hours for critical software updates.

Remote access

Access to managed servers is limited by means of a Linux firewall software. All managed servers make use of the same incoming firewall rules and our hosting service provider does not allow any deviation from the standard rulesets.

Backups

All of our hosting service providers Managed Servers (i.e. Web hosting and Managed Servers) are automatically backed up in the early hours of the morning. The backup includes all critical data required for disaster recovery.

Backups are made of the home directory as well as databases. The home directory will include site content, web logs and any mail that was on the server at the time that backup was completed.

Restores up to the previous 2 weeks of backup data can potentially be facilitated, however, this is not guaranteed. If you have critical data which you cannot afford to lose in the event of a disaster, keep a copy of your data locally (or at an alternate location) as well.

Software development

Stack: Our hosting service provider has a strong focus on open source technologies and mainly uses PHP and Ruby as their backend languages. Their frontend stack consists of HTML/HTML5, CSS/CSS3 and various JavaScript frameworks. They use varying database technologies including MySQL, MariaDB and Postgres.

Coding Practices: Our hosting service provider follows an Agile development methodology and uses best practices and industry-standard secure coding guidelines to ensure security is always top of mind. External penetration testing providers are used to validate that they are secure.

Anti-virus

All servers (which are Linux based) run Clam anti-virus which is updated as new virus definitions are released. Servers are scanned daily.

User passwords

Passwords are stored in a one-way encrypted format. Our hosting service provider is not able to retrieve any passwords. Due to the broad technology implementation across their hosting software and platform, they employ a number of different password hashing algorithms e.g. bcrypt, sha-512.  They implement industry standard practices for mitigating various password cracking methods e.g:

  • Password salts to mitigate rainbow attacks
  • Multiple password hashing rounds (key stretching) to massively draw out brute force attacks

Other

Incident response

Our hosting service provider has good incident response plans, procedures and practices in place that mean that they respond to incidents or data breaches quickly and effectively.

Trust and Safety team

Our hosting service providers dedicated team of Trust and Safety consultants monitor the hosting platform for any form of abuse such as compromised websites and mailboxes, network abuse and phishing attacks and take swift remedial steps. They also contribute towards adapting their systems to current trends in spam to ensure that their spam filtering service is effective.

Accreditation

Our hosting service provider has not undertaken the SOC 2 or ISO 27001 accreditation, though they fully support the Trust Service Principles (TSP) of security, availability, processing integrity, confidentiality and privacy, and they commit to security best business practices and continuous improvement.

Customer responsibilities

While our hosting service provider cares for the hosting infrastructure including the network and servers, it is a users responsibility to keep their data secure (use secure passwords and store them safely and ensure sufficient security for your web applications).

Disclaimer

Your use of the Service is at your sole risk. The Service is provided on an “AS IS” and “AS AVAILABLE” basis. The Service is provided without warranties of any kind, whether express or implied, including, but not limited to, implied warranties of merchantability, fitness for a particular purpose, non-infringement or course of performance.

Discover South Africa accepts no responsibility for, and will not be liable for, this platform being temporarily unavailable due to technical issues beyond our control.

Discover South Africa accepts no responsibility or liability for the accuracy of any of the information displayed on the Discover South Africa platform. Discover South Africa endeavors to keep the information on the site up to date and correct, however we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.

Discover South Africa shall not be liable for any loss or damage arising from or otherwise in connection with your use of the platform or any information, services or content displayed.

Discover South Africa accepts no responsibility or liability for the services rendered by or any of the products sold by any of the suppliers / service providers listed on the Discover South Africa website. Furthermore, Discover South Africa shall not be held liable for any loss, damage, injury and or death resulting from the services rendered by or any of the products sold by any of the suppliers / service providers listed on the Discover South Africa platform.

Discover South Africa does not control the manner in which its viewers utilise the information herein, and as such Discover South Africa accepts no responsibility or liability for any loss or damage that a service provider or supplier may suffer as a result of being listed on the Discover South Africa platform.

Governing Law

These Terms shall be governed and construed in accordance with the laws of South Africa without regard to its conflict of law provisions.

Our failure to enforce any right or provision of these Terms will not be considered a waiver of those rights. If any provision of these Terms is held to be invalid or unenforceable by a court, the remaining provisions of these Terms will remain in effect. These Terms constitute the entire agreement between us regarding our Service, and supersede and replace any prior agreements we might have between us regarding the Service.

Changes

We reserve the right, at our sole discretion, to modify or replace these Terms at any time. If a revision is material we will try to provide at least 30 days notice prior to any new terms taking effect. What constitutes a material change will be determined at our sole discretion.

By continuing to access or use our Service after those revisions become effective, you agree to be bound by the revised terms. If you do not agree to the new terms, please stop using the Service.

Contact Us

If you have any questions about these Terms, please contact us.

 

Discover South Africa

FREE
VIEW