Theoretically, if the backend code is optimized enough, a DDoS attempt wouldn't lead to a denial of service since all those requests would just get served as normal. And as long as the network isn't the bottleneck, which it probably is in most cases.