Well after securing my server for the past 2 months im ready to transfer some of my clients to my new company. Since I no longer have a ddos protection company and im hosted with a company that does not offer ddos protection. incase someone decides to ddos a client how can I stop it? would I cancel the client move them to a new host or what? and how could I find out which client is getting the ddos attack. * I hired someone to do this but there not working with me anymore and i need to be able to do it*

A firewall would be a good place to start. This could act as the first line of defense!

There's no good way to stop a DDoS attack, without the proper equipment and hardware to do so. Software protection is only so limited. Say, for example, the actual IPs of your servers was DDoSed, rather than a website - what would you do then?

The DC may be forced to null-route the IP.

Until the ddos is heavy or just attempting to syn flood your network, you should be able to protect it using different software dos solution like CSF (Firewall) and DDOS Deflate.

Until the ddos is heavy or just attempting to syn flood your network, you should be able to protect it using different software dos solution like CSF (Firewall) and DDOS Deflate.

yeah I will try asf and csf. I have a firewall installed but The new company cant afford to spend thousands of dollars to get a dc to help out like the old one could. ddos deflate I have used in the pass but some of the smaller attacks it did not block which I think I could fix thanks. oh yeah... I heard about giving each client a dedicated ip so it would be easyer to trace? anyone think this would be a good idea since I have over 200 ips on the dedi

Even though your provider does not offer "DDOS Protection" you can ask them if they would put null routs on IP's for you if you are under attack. Most providers will do this for their client base.