Can someone explain what steps I should take to properly secure my GNU+Linux server instance?
Secure SSH keys are key. You can upload your public key on the key management page: https://dash.99stack.com/auth/manage-ssh-keys then have it installed on any new server you deploy. To generate a key pair using PuTTY, try this:
Download and install the PuTTY Key Generator (PuTTYgen) program.
In the ‘Parameters’ section, select the type of key you want to generate (the default is RSA).
Click the ‘Generate’ button and move your mouse around in the blank area as instructed.
Once the key pair is generated, you will be presented with a few options. Enter a passphrase in the Key passphrase field.
Click the ‘Save public key’ button and specify the location to save the public key.
Click the ‘Save private key’ button and specify the location to save the private key.
You can now use the public and private keys to authenticate with the remote server.
Don't forget to select the private key when connecting.
SSH key authentication and disabling root login should be your first steps.
Use ufw as your firewall and configure it to block all unused ports, or private ports in general.
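An added example, not part of the original posts: a small shell audit that checks whether an sshd_config file enforces the key-only, no-root-login setup recommended above. It assumes password logins should be off once keys are in place, checks only the global section (it stops at the first Match block and does not follow Include files), and runs against a constructed sample file; the function names are made up for this example.

```shell
#!/bin/sh
# Print the global value of keyword $2 in sshd_config file $1, or the
# default $3 when it is not set. sshd keywords are case-insensitive and
# the first occurrence of a keyword wins, so later duplicates are ignored.
sshd_value() {
    awk -v key="$2" -v dflt="$3" '
        BEGIN { key = tolower(key); val = dflt }
        $1 ~ /^#/ { next }                    # skip comment lines
        tolower($1) == "match" { exit }       # end of the global section
        tolower($1) == key { val = tolower($2); gsub(/"/, "", val); exit }
        END { print val }
    ' "$1"
}

# Check file $1; prints one line per setting and returns the number of
# settings that do not match the expected value (0 means all good).
audit_sshd_config() {
    fails=0
    # Columns: keyword, expected value, OpenSSH default when unset.
    while read -r key want dflt; do
        got=$(sshd_value "$1" "$key" "$dflt")
        if [ "$got" = "$want" ]; then
            echo "ok    $key $got"
        else
            echo "FAIL  $key is '$got', expected '$want'"
            fails=$((fails + 1))
        fi
    done <<EOF
PermitRootLogin no prohibit-password
PasswordAuthentication no yes
PubkeyAuthentication yes yes
EOF
    return "$fails"
}

# Constructed sample: the duplicate PermitRootLogin line shows that the
# first value (yes) is the one in effect, and the Match block is ignored.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 22
PermitRootLogin yes
permitrootlogin no
PasswordAuthentication no
Match User backup
    PasswordAuthentication yes
EOF
audit_sshd_config "$sample" || echo "$? setting(s) need attention"
rm -f "$sample"
```

On a live server, `sshd -T` (run as root) prints the effective configuration, including Include files, and is the authoritative check.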