This is a complex issue, while yes it is true you can manage your own DDoS defense, you need the capacity to do so, attacks can come in such great size that you have no way to even deal with them as the data pipeline is saturated. This is what gave rise to cloudflare...
When the cost of 10G + sized links/hardware became affordable enough to have hundreds and even thousands of gb/s of capacity now you have the pipe to take the attack, and drop the bad packets and allow the good ones.
Filtering the traffic can be done with automation and hardware like RioRey or Palo Alto and Radware, but in the end you need a team of qualified engineers who can analyze the attack vector and tune the hardware to drop the attack.
Servers themselves need to be hardened to be able to withstand a much higher PPS and to drop bad requests that get through, like distributed syn-ack.
There are also many other 3rd parties that could help filter traffic much like what cloudflare does, and possibly even better. A simple duck-duck-go search would reveal these.
This is a complex issue, while yes it is true you can manage your own DDoS defense, you need the capacity to do so, attacks can come in such great size that you have no way to even deal with them as the data pipeline is saturated. This is what gave rise to cloudflare...
When the cost of 10G + sized links/hardware became affordable enough to have hundreds and even thousands of gb/s of capacity now you have the pipe to take the attack, and drop the bad packets and allow the good ones.
Filtering the traffic can be done with automation and hardware like RioRey or Palo Alto and Radware, but in the end you need a team of qualified engineers who can analyze the attack vector and tune the hardware to drop the attack.
Servers themselves need to be hardened to be able to withstand a much higher PPS and to drop bad requests that get through, like distributed syn-ack.
Some good reading here enter text
There are also many other 3rd parties that could help filter traffic much like what cloudflare does, and possibly even better. A simple duck-duck-go search would reveal these.