Guidance for Developers to make it hard on attackers (DDoS)

In keeping with the CISA theme of the day, I thought that I would take some time to talk about DoS. For those out there who are new in the space a denial of service attack (DoS) is the process of making many requests (often more than the server can handle) in an attempt to overwhelm the server. Generally speaking this falls into the low effort, low payout corner of the cyber security space, and has been the favorite of many subclasses of threats on the internet (specifically the cyber activist). When a whole group of people (or services) do it is 'Distributed' denial of service (DDoS).