Not anymore. These AI scraping tools own far too many IPs and huge ranges of territory to easily block. They have been able to slow down gigantic sites like eBay, Wikipedia, IMDB, reddit, and others that have strong DDOS and spam protection. We are now at the point where bot traffic exceeds human traffic. And that number should be lower as I don't consider pajeets and chinks to be humans.
I'm against all forms of humiliation ritual captchas and other garbage "human checks". These services almost never actually protect against bots. They just slow down services for actual humans and waste your time. How many millions of hours (billions?) are now wasted every year on clicking "ARE YOU HUMAN?" tests on websites.
I mean, it's solvable with a little work to set up a service for reporting and analyzing traffic. If you own IPs and you're receiving too high a rate or bandwidth of traffic from certain other IPs or ranges, you could report it to a service that the IANA or the local RIR provides to its customers (you, as a owner of IPs and ASN, are their customer). They can cross-check your report with the flow information that they store in their database (they would need a central database of flows collected from all customer links). If it exceeds some threshold, say that it uses more than 50% of your bandwidth or maximum connection rate, they treat it as abuse and use appropriate bureaucratic channels to give a warning to the customer where the connections originated. If they're a repeat offender, their link gets shut down.
This would actually punish the source of the connections and if they abuse it too much and have too many shutdowns and reports, they'd have their ASN and IPs taken away.
They deregistered Gab's ASN for wrongthink. Why can't they deregister the ASNs that are sources of DDOS traffic?
My theory is that they're somehow getting paid off to not do anything about DDOS traffic. There is a mafia that controls who can and cannot be present on the Internet, using a protection racket type scheme, by forcing people to pay and use their DDOS filtering services. They don't just get money, they get to control who lives or dies, whose information is available and who is censored. It's a mechanism of censorship, without a formal legal framework of censorship.
Edit: thinking about the technical side. The majority of the Internet runs on TCP, which has congestion control built in. If the service is overloaded, it throttles sending ACKs, the other end has to throttle back sending packets until it stops losing ACKs.
Thus, if this new service that collects all flows and analyzes them for DDOS were to analyse the flows, it could see which TCP connections are functioning normally and which are being overloaded (one end stopped sending ACKs but the other end didn't throttle back sending packets).
It's the same with SYN floods, they could see that there is a large amount of SYNs that don't get replies, and flag that as abnormal.
Even protocols that don't have congestion control built in, like UDP or ICMP, could be limited in different ways.
There could be a web portal for each customer where they can tune their preferred limits for maximum bandwidth, SYN rate and so on. This portal could have an API where every IP owner could query the desired limits of any IP, and set their firewall to rate limit outgoing connections per-IP with their desired limits obtained from the API.
This system would rely on forcing each Internet citizen to be a good actor and take proactive measures to prevent overloading other users. It's technically all possible, they just don't want to do it.