Reseller provider does not provide logs

Recently, our IP was reset to zero by a well-known reseller hosting company. The company did not provide any data on it and I was completely charged. Is that fair? Need your reviews.

Please check the help desk conversation:

Me: server not available. Problem loading page, please help.
Dealer company: Please explain. All server services are running normally …

Me: No, please check the websites on the server
Reseller Company: Your dedicated IP address was not routed due to a massive DDoS attack on various domain names hosted on the IP.
We have removed the null route and the websites should be online in the next 10-15 minutes.

Me: I did not receive any information about this. Please help. Let me know what to do.
Reseller companies: Using Cloudflare for all your domain names is a good place to start, as the actual server IP is hidden in this way.

Me: Immediate relocation of cloudfare to all domains is not possible. Also domains are not registered with me. Customers scream, I find in the last 4 months no complaints on these server domains. Please help.
Reseller Company: How exactly do you help? You notice that your domains are attacked from the outside, right? This is our company policy. We will not forward the IP address until the attack is over. Otherwise, the entire server, including your domains, will fail.
Of course, if the attack stops, we will remove the blockade.

Me: Is it a ddos ​​attack on your network? Can you please tell me the cause of the problem? When will it be solved? Almost 5 hours down. I can not handle calls!
Reseller Company: I did not say that … Do not play shy with me … I told you ONLY YOUR IP IS TAKEN !!! The blockade has been eliminated. When the attack restarts, your IP address will be reset to zero.

Me: What's that answer? How do I know that my ip is being attacked and what can I do without clues? Websites are inactive. I try to help my customers.
Reseller Company: How do I know it's your IP? Do you have a laugh? We have server logs that show that all DDoS attacks attack ONLY your IP address. This is one of the reasons why we provide you with a dedicated IP address so that we know who is attacking whom in such cases.
To help your customers, you need a CDN. That's why I suggested Cloudflare!

This is a response to someone trying to blame our network for the fact that your client's sites are being attacked! And that is the ONLY answer you will receive!

Me: Please specify the protocol.
Reseller Company: The functions of WHM have been activated. If you have further questions, please do not hesitate to contact us.

Me: All my clients' websites are still inactive. I am dissatisfied with the kind of help. Please help.
Reseller Company: I'm not happy that some of your customers are compromising the stability and security of the entire server, which also has about 1500 accounts! I can guarantee that your IP address will be zeroed the next time without removal. The attack seems to have stopped. The IP has been restored and the websites including are now operational.

Me: You have not yet deployed logs. How should I act? Can you understand ? At least tell me what I have to do!
Reseller Company: I've told you at least twice that you need to use Cloudflare for your domain name so that does not happen! I can only say it that way if you do not understand it. I'm so sorry. We will not provide you with logs because we deleted them because the attack has inflated the Apache protocol in gigabytes …