How likely is a DDoS attack and is using CF Proxy worth it in my case?

Hello community,
I finally got around to setting up Cloudflare in a way that it now uses Proxied DNS Requests. I really like the features like Origin Certificates, using the CDN and its caching features, but sadly I think that using the CF Proxy is making more trouble for me in the long run.

I used to have Contabo Servers to host a lot of services. I’m a student so I love to try out things. Now I purchased a dedicated Server from Hetzner with bigger specs and higher uplink than Contabo. In the past I had a Hetzner server too, but the DDoS protection it offered was very minimal, and I think that is still the case today. So my question is: how likely is it that someone on the internet actually gets very angry and starts to DDoS my Server?

Using the CF Proxy doesn’t allow me to use non-HTTP ports. For example, I wanted to set up my own mail server (not for production, I know you usually don’t self-host these), game servers etc., all running on different ports than 80, 8080, 443. So the option would be to either make new A Records for these Services and not proxy them, or disable the proxy feature completely (personally I see no point in using the proxy for 1 record, e.g. webserver, and the other A records just containing the server’s IP address, but maybe someone has a different opinion on that, let me know).

Since I also own a couple of domains, I thought of using the proxy only on those domains I know some people would get offended by (nothing bad or illegal, but mostly related to LGBT, lifestyle etc.), but how much sense does that make? For example, domain2.xxx has the records for everything unproxied, but domain1.xxx has only a webserver reachable under it. It’s also important that domain1.xxx has the CDN feature and caching, because I want that site to be usable anywhere in the world with an average latency (I tested it, and it works very well for me).

Sorry for my bad English, I drew a little image of what I had in mind.

The main thing now is that obviously no one should know that domain1 is running on the same server IP as domain2 (which should be possible I think, because domain1 is proxied, correct?), and if I’m incorrect, is there a way that makes it difficult for someone to figure that information out? And as a last piece of information, I don’t have the money to purchase some service that could allow other ports to be proxied too, because I’m a student and I don’t have the money for that as of now.

I hope my question wasn’t too cluttered, and thanks for helping me out.

For the unproxied one, it’s quite easy for people to find out your origin IP address.

if I’m incorrect, is there a way that makes it difficult for someone to figure that information out?

Very sorry to say so, but if you need to hide the IP address for the Gameserver, UDP port, I guess you need Enable Proxy protocol · Cloudflare Spectrum docs, which is available on the Enterprise plan only.
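
Added example, not part of the thread or of Cloudflare's tooling: a small audit you can run over an export of your own DNS records to see which DNS-only (unproxied) records publish the same IP that a proxied record is supposed to hide, which is the domain1/domain2 layout described in the question. The field names follow Cloudflare's DNS record objects (`name`, `type`, `content`, `proxied`); the sub-hostnames and the IP addresses (documentation ranges) are constructed sample data.

```python
# Added example: audit a DNS record export for origin-IP exposure.
# Assumption: records are dicts with Cloudflare-style name/type/content/proxied fields.
from collections import defaultdict

RECORDS = [  # constructed sample data, not taken from the original post
    {"name": "domain1.xxx", "type": "A", "content": "203.0.113.10", "proxied": True},
    {"name": "www.domain1.xxx", "type": "CNAME", "content": "domain1.xxx", "proxied": True},
    {"name": "domain2.xxx", "type": "A", "content": "203.0.113.10", "proxied": False},
    {"name": "mail.domain2.xxx", "type": "A", "content": "203.0.113.10", "proxied": False},
    {"name": "domain2.xxx", "type": "MX", "content": "mail.domain2.xxx", "proxied": False},
    {"name": "game.domain2.xxx", "type": "A", "content": "198.51.100.7", "proxied": False},
]

def find_origin_leaks(records):
    """Return (exposing_name, ip, protected_names) for every DNS-only record
    that publishes an IP also used as the origin of a proxied record."""
    addr = [r for r in records if r["type"] in ("A", "AAAA")]
    protected = defaultdict(set)   # origin IP -> proxied hostnames behind it
    by_name = defaultdict(list)    # hostname -> its DNS-only address records
    for r in addr:
        if r["proxied"]:
            protected[r["content"]].add(r["name"])
        else:
            by_name[r["name"]].append(r)
    leaks = []
    # Direct exposure: a DNS-only A/AAAA record carrying a protected origin IP.
    for r in addr:
        if not r["proxied"] and r["content"] in protected:
            leaks.append((r["name"], r["content"], sorted(protected[r["content"]])))
    # Indirect exposure: MX or DNS-only CNAME pointing at such a hostname.
    for r in records:
        if r["type"] in ("MX", "CNAME") and not r["proxied"]:
            for target in by_name.get(r["content"].rstrip("."), []):
                ip = target["content"]
                if ip in protected:
                    label = f'{r["name"]} ({r["type"]} -> {target["name"]})'
                    leaks.append((label, ip, sorted(protected[ip])))
    return leaks

if __name__ == "__main__":
    for name, ip, hidden in find_origin_leaks(RECORDS):
        print(f"{name} publishes {ip}, the origin of proxied {', '.join(hidden)}")
```

An empty result only means the exported records themselves do not publish a protected origin IP.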