Here are some more tips for anyone who is very new:

1. You can get a free SSL certificate from letsencrypt you can check on my website I make use of letsencryp(Oops I scored a B)t: https://www.ssllabs.com/ssltest/analyze.html?d=yoirtuts.com&latest
   

2. If you aren't using ipv6 then disable it on your server. This is an extra attack vector if you don't know how to lock down ipv6.

3. Learn to use iptables instead of ufw if you can. ufw is really just a wrapper for iptables:

Here are some links on SSL:
https://raymii.org/s/tutorials/Pass_the_SSL_Labs_Test_on_NGINX_(Mitigate_the_CRIME_and_BEAST_attack_-Disable_SSLv2-Enable_PFS).html
https://mozilla.github.io/server-side-tls/ssl-config-generator/
https://www.ssllabs.com/ssltest/
https://raymii.org/s/tutorials/Pass_the_SSL_Labs_Test_on_NGINX(Mitigate_the_CRIME_and_BEAST_attack_-Disable_SSLv2-Enable_PFS).html
https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
https://www.owasp.org/index.php/Testing_for_SSL-TLS%28OWASP-CM-001%29

Here are some tutorials to get familiar with SSH and keys:
https://www.digitalocean.com/community/tutorials/ssh-essentials-working-with-ssh-servers-clients-and-keys
https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys--2