thayne 4 days ago

Anubis is effective against certain kinds of bots and abuse, but wouldn't be that effective against large-scale DDoS attacks. And it does have a negative impact on usability, as users have to wait for the browser to do the proof of work, which may or may not be worse than Cloudflare's captchas.

DoctorOW 4 days ago

Anubis is a partial mitigant of DDoS attacks, since it's less resource intensive to serve the Anubis page than the origin[1].

Cloudflare's captchas are only convenient for a subset of users; I'll bet there'd be decent money in one of the competing CDNs (Fastly maybe?) including an Anubis-like captcha.

[1]: https://news.ycombinator.com/item?id=43864108

thayne 3 days ago

Yes, it's a partial mitigator, but it isn't as complete of a solution as a CDN, for a number of reasons. For one thing, with Anubis your server is still responding to requests, so a full-scale DDoS could potentially take you down without having to actually complete the PoW; they just have to make enough requests.

Using a CDN for DDoS typically has multiple levels of protection:

- Caching reduces load on your server

- In the event of a (D)DoS attack, the CDN can absorb the attack traffic with their much higher capacity than your server(s)

- The CDN can block certain kinds of attacks, especially low-level (D)DoS attacks, without the traffic ever touching your servers

- Since the CDN fronts many sites, it can have more information about which IP addresses and user agents are more suspicious. This one is a little controversial, because there is a conflict between getting an accurate profile of how suspicious a request is, and preserving the privacy of users.

- It may have built-in support for some kind of bot detection, such as captcha or a proof of work. IDK about the free tier of Cloudflare, but for paid offerings at least, this is usually optional.

In short, Anubis could be part of a DDoS mitigation plan, but if you are worried about a targeted attack, it probably isn't sufficient. And critical services are potentially a valuable target for attacks.