I just want to share my strategy on how to investigate and resolve the issue on DDoS Attack on your domain by IP. You can follow on my tutorial by image here
Optionally, you can rewrite URL to block the Perpetrator's IP if this helps:
Apache:
<Limit GET POST>
Order Allow,Deny
Allow from all
Deny from <IP_ADDRESS>
</Limit>
NGINX:
server {
# ... other server settings
deny <IP_ADDRESS>;
}
Last one, block the Perpetrator's IP from firewall
I hope this could help you resolve this issue temporary and make sure you will enable Fail2Ban for your site and proxy your domain IP through cloudflare if possible.