Current best practice for securing a droplet?
I see a lot of the most recent tutorials only detail securing a droplet with UFW or the DO droplet firewall. I recall a number of years ago there were many tutorials advocating Fail2Ban etc. are these still recommended?
I currently use SSH with public key login only, no passwords and wish to use my droplet to host a Postgres database for remote usage whilst developing a django app which I’ll eventually host on DO.