SomeBoyoWhat are common practice's for hardening/securing your server?
Move services away from known ports and don’t use ports that end with well known port numbers (22,80,443).
Moving ssh from 22 to 2222 or 443 to 10443 does nothing. You have ~65000 ports. Pick something random like 6744 or 2458
t҉̠̙ǵ̣̞̄ͪ͜x̸̱͚̳ͫ͐̑̈ͯͣ̚n̒͌҉͉̦̜̝ͅStill does nothing when scanning the entire ipv4 address space achievable so quickly. You can also use services like shodan to find vulnerable services on any ports.
Use SSH keys, stay upgraded. Make management services (SSH, RDP, admin services) accessible only via VPN (WireGuard). Only expose 80 and 443 to the internet, if necessary.