Michael, before proposing alternatives for consulting help, it may help you/them and others to hear first that if it really is a DOS attack, I’ll note that a simple fix could be to have him route his traffic through cloudflare. Their free account specifically protects against that (and offers still other benefits). Their paid plans (relatively low cost) offer still more.
Maybe it’s not a true DOS attack, though, but instead one or more of the aggressive bots discussed recently here. There were options discussed there suitable to windows and not requiring coding effort.
But finally as for someone to help, in Germany, the folks behind FusionReactor are based there and offer consulting, but they tend to pass that on to me. I can also help directly and without the 4-hour minimum they ask for (which can be used over time, to be clear). I’m in the US, but I work with clients worldwide via screenshare.
I’d help discern WHAT the problem was on the old server, if possible. And then it could be addressed on the old or new servers. It could easily be less than a couple hours of effort, though we can’t know until we dig in.
I’ll add that I offer a satisfaction guarantee: folks won’t pay me for any time they find not valuable. And we’ll work together so they know what’s being done. More at Charlie Arehart's Server Troubleshooting Consulting Services.