I can't remember, but he asked for an insane amount of Bitcoins (800 I think, ~$8400) which wasn't even remotely close to our operating costs.
No way I would pay, our site was down 2 days but we moved to Heroku afterwards. No problems since, it probably scared him away.
YMMV with bigger botnets.
DDoS protection is expensive. Unless it is economically feasible for you to pay for the protection, most sites don't have it until they're a high target.
There are 2 kinds of DDoS attacks I know of (there are more but they're similar): bandwidth exhaustion and computer resource exhaustion.
Bandwidth exhaustion DDoS mitigation is difficult, because it requires you to have a fat inbound pipe to let all the bogus traffic through. Fat pipes are _expensive_, there are few hosting providers that allow you to have a dedicated line more than 1 Gbps.
Supposedly their Business plan ($200/month) protects against this, and their free plans protect much smaller amounts of traffic.
You can prevent against some common resource exhaustion attacks (SYN floods) by having a proper firewall setup.
CloudFlare has been known to let the attack traffic route to your server if it's big enough.
computer resource exhaustion is more likely to work then bandwidth exhaustion on CloudFlare
What's the logic behind this? After all, DDoSers probably aren't upstanding citizens.
Think of it as entering into a subscription arrangement.