DigitalOcean provides great service and documentation for setting up your server.
There are a few configuration steps that you should take early on as part of the basic setup. This will increase the security and usability of your server and will give you a solid foundation for subsequent actions.
Setup On Digital Ocean
https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-18-04
Configuring SSH Access
This next link goes to a page with some great information for setting up ssh access to your server (using Putty, PuttyGen & Pagent). It is actually easier that it first appears and makes your site way more secure than password access.
https://www.ssh.com/ssh/putty/windows/puttygen
More resources from DigitalOcean:
https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys-on-ubuntu-1804
A simplified synopsis for disabling password authentication is below.
Disable Password Authentication
Log into your remote server using the SSH keys, either as root or with an account with sudo privileges. Open the SSH daemon’s configuration file:
sudo nano /etc/ssh/sshd_config
Inside the file, search for a directive called PasswordAuthentication. This may be commented out. Uncomment the line and set the value to “no”. This will disable your ability to log in through SSH using account passwords:
PasswordAuthentication no
Save and close the file when you are finished. To actually implement the changes we just made, you must restart the service.
On Ubuntu or Debian machines, you can issue this command:
sudo service ssh restart
After completing this step, you’ve successfully transitioned your SSH daemon to only respond to SSH keys.
Firewall Setup
Introduction to UFW
https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-18-04
More details
https://www.digitalocean.com/community/tutorials/ufw-essentials-common-firewall-rules-and-commands