Which level of DoS protection is best to start off with for a startup building a social network from the ground up?

I have a tremendous amount of experience sending emails from new domains - perhaps 2,000,000 emails per year - and the long and short of it is this: email deliverability is tremendously complex. Why? For one thing, because of the constant battle between spammers, ISPs, ESPs and other players, among other things. Also, because email still uses some very old and outdated protocols that make this all more difficult. If your business is going to rely heavily on email, I would encourage to educate yourself now so that you won't be stymied as you grow. Many of the things I learned were through trial and error - which can be excruciatingly frustrating. Just a few of the things you should immediately begin working on: proper SPF, SenderID, DKIM compliance along with solid DNS set up. Additionally, if you will use email heavily, I would start now putting the pieces in place for later white labeling aa nd possible dedicated IP sending. In terms of the actual email content itself, that is another subject you will want to investigate. I'm not saying these things to discourage you - but rather to help you avoid the mistakes we made in the past. If you need a hand getting a little grip on this I probably can steer you in the right direction pretty quickly. Wish you the best in your endeavor! Adam

Godaddy is pain for developers and technical people, as it is set up for simple things. You can use any good hosting companies or any cloud servers. But if you need to talk to a human godaddy is a good option. Scalability will not be an issue with Godaddy, as they can sell you any infrastructure when you grow bigger.

Having worked a consultant with global consulting firms and served over fifty of the Fortune 500 companies, I have been a consultant for over 15 years. Although the type of work will vary, consultants need to know why they are being hired. What does your client expect from you? If consultants are armed with that knowledge, they can best apply their skills. I have seen many consultants who jump right into the problem without understanding the context of why they were hired and what success will look like from the client's perspective. A very specific visual that I use is to imagine what the bullet point on my resume needs to look like after I am done. What am I going to do for the client that they can measure and be happy with that I can put down as an example my advice had on the organization. Once I have that in mind, I make sure the client wants that too and the rest is just doing my job. Another thing that consultants may need to know is the type of company culture. If the organization has a lot of certain types of folks, like passive decision makers, the approach to take will accommodate this. The culture of an organization can shed a lot of light on what a consultant can realistically accomplish, especially as the consultant's approach and personality will have an effect on how successful they can be in that organization. I have worked with some organizations where I was not a good fit, while others made working together easy. Being aware of the culture can help the consultant modify their approach accordingly and even know when they may not be the best fit. It is a mature sign for a consultant to read the problem well enough to know that they are not the best person for the job.

Well if you built the app then I would suggest add a means to allow the community to flag inappropriate messages, then start banning the responsible users.

In a word: Forensics. Computer forensics is the art of examining a system and determining what happened upon it previously. The examination of file and memory artifacts, especially file timelines, can paint a very clear picture of what the attacker did, when they did it, and what they took. Just as an example - given a memory dump of a Windows system, it is possible to extract not only the command lines typed by an attacker, but also the output that they saw as a result of running those commands. Pretty useful in determining impact, eh? Depending on the freshness of the compromise, it's possible to tell quite a lot about what happened.