Verisign and others offer this service; typically using DNS. However often they support BGP
2. Add limiting factors; if you have an abusive customer rate limit them in nginx. If you are expecting a heavy day rate limit the whole site.
3. Stress testing and likely designing your website to withstand DDoS attacks.
You can cache or not cache; that's not really the question. Handling a DDoS means what can you do to mitigate the extreme amount of traffic and still allow everything else to work.