Harden your public webserver
Harden your public webserver (part 1: unattended-upgrades)
Everyone who at some point comes across the idea of renting their own root server knows the queasy feeling that the server has been released for attack.
Harden your public webserver (Part 2: crowdsec)
Quickly after the server is on the Internet, it is open for script kiddies to eat. One of the first annoyances are bruteforce attacks.
Harden your public webserver (Part 3: shutdown SSH)
One of the main points of attack is the SSH interface. Script kiddies love an open SSH port.