Some do, and it depends on what layer the attacks are coming in on.

Low-level attacks most or all providers have some protection against (to protect their network itself) but that may include black holing your IP at the border routers.

Few offer higher level DDoS protection that isn't rewrapped cloud flare or competitor.

a little niche cuz they're primarily a game server provider but nuclearfallout is the most proactive provider i've seen to do this, on vps or dedicated hardware. there has been many times they've worked with upstream bw providers and automatically holed incoming ddos, noticed packet loss and abnormal routing etc, before even reaching end user interfaces-

been using them for decades and they've been incredible for this, at least for the US options (prem/internap)

many VPS providers want to get rid of you if you're on receiving end of the attacks as well. since you threaten the stability of their operations.

Thanks.. Trying to understand the issue bit better if you can bear with me..

Let's say you manage to install some cloudfare equivalent in your Vps so your hands are clean. That still exposes the provider systems up to that point, eating up resources?

Or they'll still knock you off and ban your IP at the first point of entry itself..

Cos where that leads us is subscribing to cloudfare type service almost becomes inevitable.. You can't get around it with some free software running in your own box.