How to block HTTP DDoS Attack with Cisco ASA Firewall
The ASA firewall is not a great choice in dealing with a volumetric DDOS, but they can come in handy with an application layer attack, such as a common HTTP POST/GET request from the attacker.
Within the ASA, you can filter certain strings that may come from an application layer payload using the regex command. The following link provides some insight into how to set up the layer 7 ‘firewall’ to block these queries from reaching a device past the ASA.
Further reading on regex: http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/100535-asa-8x-regex-config.html