I can follow guides and stuff to set things up, but when it comes to security, I don't know much, aside from don't use default passwords, don't port forward things unnecessarily, use a VPN where possible (for accessing my server remotely outside my network), and similar.

Context, I have a Dell PowerEdge server that I use to run a few things for myself, family and friends, and I want to learn how to better secure it against attacks. I'm not totally unfamiliar with a CLI, I've set up some stuff on said server with no graphical interface, though I did follow installation and setup steps, so I can just barely count that.

There are login pages exposed, passwords are secure, but aside from looking into fail2ban, I have no real form of security set up. Nothing super important is exposed, but I don't wanna risk anything.

Edit, don't know why but I feel it's worth mentioning, I have not checked anywhere else for info, I literally somehow stumbled upon this sub when looking at other things.