A DDoS attack (Distributed Denial of Service) is an attack that seeks to make an online service unavailable to it's end users. It can do this by using multiple machines to force a site to consume more resources than it has available to it, therefore leading to user requests being denied. These resources can be anything from CPU cycles to consuming all the bandwidth available to a site. In some instances these attacks are launched to extort money out of a site administrator.
Cloudflare's network is built to mitigate large DDOS attacks and can help mitigate and protect against many DDoS attacks. Cloudflare has a track record of defeating DDOS attacks, including attacks above 500Gpbs. If you are having issues with DDoS attacks, here are some quick tips that can help mitigate an attack:
1. Enable CloudFlare's "I'm Under Attack Mode" in your Security Settings. All CloudFlare Plans have this Basic DDoS Protection available in their CloudFlare Security Settings.
Need more advanced DDoS Protection? Please look at CloudFlare's Business and Enterprise plans.
3. If you know which countries are sending most of the bot traffic to your site, you can block them in your CloudFlare Threat Control panel. A block will challenge all visitors from that country, which means only visitors that pass the captcha can enter your site. You also have the option of blocking by individual IP, IP ranges or ASNs in your Threat Control panel, if desired.
For more detailed steps, please follow the instructions in the tutorial: I am under DDoS attack, what do I do?