There are certainly much better tutorials. This is here mainly for me to be able to repeat various task when i receive new Linux server.

Some tasks that can be done:

0. ssh -p 22 -l root serverIP
1. apt update 2>/dev/null;apt upgrade 2>/dev/null;apt install curl whois htop nmon nload fail2ban 2>/dev/null||yum update 2>/dev/null;yum upgrade 2>/dev/null;yum install curl whois htop nmon nload fail2ban 2>/dev/null
2. df -h;free -mht;w;curl -sL yabs.sh | bash -s -- -ifrg # remove "if" parameters to do also disk and network speed test
2. run command to change SSH port 22 to custom one (i.e. 876), i suggest one within 600-60000:
newportno=876 && sed -i "s|#Port 22|Port $newportno|g;s|# Port 22|Port $newportno|g" /etc/ssh/sshd_config && systemctl reload sshd && ss -p|grep -i ssh 2>/dev/null
3. passwd
4. reboot
5. copy SSH key for password-less access: ssh-copy-id -p NewSSHPort root@serverIP
6. login SSH (see 1st command)
7. server with many connections and opened files?
# echo "* hard nofile 10000"|tee -a /etc/security/limits.conf
# echo "net.netfilter.nf_conntrack_max=99000" > /etc/sysctl.d/10-conntrack-max.conf;sysctl -p /etc/sysctl.d/10-conntrack-max.conf
6. Install Wireguard and enable port forwarding.
7. Install OpenVPN
8. setup logs removal.

If you prefer more advanced configuration of your firewall and brute force blocking than above installed "fail2ban", then remove it and install CSF ConfigServer firewall https://configserver.com/configserver-security-and-firewall/