I've been using shared hosting services for many years, and am considering migrating at least one of my domains to a VPS.
One of the conveniences of shared hosting is that I've come to rely on the hosting company for security considerations, and the VPS I'm likely to go with would leave every aspect of system management up to me.
I'm very much looking forward to the freedom of having complete control over the system, and have begun learning by setting up a test server in my office running Ubuntu 12.04 LTS, which is what I'll be using on the VPS as well.
So far I've been impressed with how well the default settings have kept the system secure from the constant barrage of attacks, but before I move a public domain to a server I'll be managing myself I want to make sure I have a good understand of the responsibilities involved.
What would you consider as essential best practices for managing a public web server?
Thanks in advance for any insights you can share.