In that case you will need a hardware firewall in front from your VPS which are very expensive ( ~$30k ) or you could move to some host that provides anti-ddos firewall protection ( which is also too expensive).
For a DoS attack you don't need those pricey HW firewalls... DoS should be resolved in nxt's code-base and if needed ad-hoc mitigated with simple greping/parsing server logs and applying appropriate iptables rules.
For DDoS attacks the bottleneck is the uplink... In case of DDoS having eg. 10 servers on same uplink (same data-center/rack) won't help whatever you place in front of them.
I could elaborate on poor's-man/wealthy's-man/our's-way of mitigating DDoS if anyone interested.