Open only the minimum ports that you need (eg. only 80 & 443 for a web server). Run simple software (eg. nginx) and keep it up to date. Minimise the impact of searching bots (eg. fail2ban). Avoid running scripts (eg. take care with php). And your server will be more secure than your modem (touch wood)!