As a preventative measure they also provide a recommendation to enable HTTPS for your website (which CloudFlare also provide as an option). If you are using a self-hosted WordPress installation (namely where WordPress is installed on a server that you manage/administer), this blog post may be of assistance in enabling HTTPS by default (by using HSTS (discussed/defined at length within a previous blog post of mine)).
Given the severity of DDoS attacks I wanted to provide a respectful shout-out to following CloudFlare blog post:
In addition, earlier this month US-CERT created a useful security alert containing a list of tips for securing your home broadband/fibre optic router/wireless access point. In addition, their alert also links to an updated list of routers with known security vulnerabilities with advice on addressing them:
Securing Home and Small Business Routers (US-CERT)
I hope that the above mentioned blog posts and resources are of assistance to you in defending your website from becoming part of such DDoS attacks and securing your home router/access point against malicious use.