Before an attack happens:
(without actually knowing your http server or languages in use)
Setup some monitors - pingdom.com is good for checking up time and making sure servers are responding properly. For something more advanced, you might want to look at Datadog
When I can, I like to watch actual http / https traffic on the site - for that, I use goaccess - keep it running in a terminal and on a 2nd monitor.
It's always a good idea to use a load balancer, even if you have just 1 server. With a load balancer in place, you can add additional servers at will. Trying to implement a load balancer while under attack will just add to problems (redirecting the domain name, setting up the load balancer, adding servers, etc...) - A load balancer will work just fine with 1 server - so even though it's an additional expense you might not need, if / when a DDOS attack happens, it can help.
I'll often use the data I get from goaccess and ban IPs in the load balancer of people / bots trying to download the entire site (we have a ton of PDF assets at my day job)
It's also not a bad idea to use cloudflare.com to manage DNS - it's free and they have DDOS attack mitigation tools.
If your on linux - make sure Fail2ban is installed and configured properly; make sure SSH is locked down as well as you can; make sure no additional services are running that might expose un-needed ports.
While a DDOS Attack is happening
What to actually do is difficult to say without knowing the specifics of the attack. But, you can't do anything if you have no information. Stopping a DDOS is all about what you did before hand to make sure when it happens, you have the information you need to stop it, while it's happening. Fail2Ban will show you who is trying to login via SSH and from where - so you can start banning IPs. goaccess, again, will shed some light on http traffic and from where. I can't speak for Azure but AWS for sure has tools that'll monitor server performance and resources - those will help you determine how bad the attack is. If you used cloudflare, go there and click the I'm under attack button. I generally host on Rackspace and their great at helping when stuff hits the fan. Once you think your under attack, it would be a good idea to call them ASAP - at least to let them know what's happening and if they can offer anymore insight. I think most major cloud services have an emergency number, but find out of AWS and Azure have one and what support contract you need for each (and how much they cost)
Google "how to stop a ddos attack" will bring up a lot of articles on various tools and ideas on how to stop it. It's a very broad topic with lots of what ifs. If your a small team and on a small budget; it's best to get on a host with people that know how to help, when you need the help!