It might be a coincidence, but it's funny that I know at least two websites that get DDOS attacks quite often. One of them needs to go as far as going into low functionality mode to thwart the attack. They also use Cloudflare as an additional measure, so I guess it's standard practice to use Cloudflare for DDOS attacks. I'm not up to date with how much it costs for a hosting server to provide additional protection nowadays, but it's definitely not cheap. Probably worth it if it means keeping your customer satisfied though.
I think it depends on how big your server capacity is. Most websites on the internet are run by renting servers. Only a few companies, like Meta, Google, have their own server to host. If a server can handle a lot of traffic, it should not have any problem handling those DDoS attacks. For example, have you ever heard that Facebook or Instagram, or Google are under a DDoS attack? Probably not.
If a casino or a service can afford to run a huge server that can handle a lot of traffic, they don't have to think about a DDoS attack anymore. The only way is to use some protection, such as Cloudflare, AWS, and Azure. Cloudflare is the most popular one.