At least for DDoS by attacker who use Tor network, it can be mitigated by enabling PoW feature.
Only for onion service though. Forum would have to have a onion version and Tor users have to surf using that only.
That's true. I simply mentioned it since CloudFlare already support
alt-svc, where currently Tor Browser user actually visit .onion when they access this forum.