Usually the most common way websites deal with a DDoS attack is by utilizing a third party DDoS protection provider such as Cloudflare or DDoS Guard.
What these services do is they become a proxy between the website’s server and the visitors to the website, the service then analyses the packets (source IP, destination IP, protocol etc), HTTP request metadata (user agent, host etc) and HTTP response metrics (HTTP error codes etc) to identify malicious traffic.
Normal users will be able to access the website as normal however traffic that is detected as attack traffic will be diverted from the server and absorbed by the DDoS protection service.