Good day, how are you? I've been working in information security for about 10 years and running web servers since the 90s. I have dealt with things like this in the past.
Quick question, have you talked to your upstream provider to see if you can blackhole the DDOS? Otherwise, I can talk to them for you and see if we can setup mitigation steps in the case of future attacks as well.