The first thing I did was disable root ssh login and create a new user. I also went ahead and changed the default SSH port and installed fail2ban to avoid SSH attacks. I also setup [automatic](http://www.the-art-of-web.com/system/cron-apt-wheezy/) security updates using a cronjob. I figure this is enough security that the server will need. fail2ban takes about 3-4 mb of RAM, so I still have plenty left for webhosting.
I then installed nginx and set it up to accommodate my little server. Since I only have one CPU, I set ‘worker_processes’ to 1, ‘worker_connections’ to 1024, and lowered the timout to 25 seconds. I also setup client caching of all CSS, JS, and image files. Finally I also turned ‘gzip_static’ on, which allows pre-zipped files to be sent out by the server. This means if a file is gzipped before hand the server does not use CPU to gzip that file. I gzipped all my .html and .js files and kept both the original and the new .gz files in the same directory.
If a .gz file does not exist, nginx will gzip the original file (.html for example) using up CPU resources to do so. However, if nginx sees both index.html and index.html.gz it will server up index.html.gz instead. The one gotcha is that every time you make a change to the .html file you will need to update the .html.gz file also. Apparently nginx also likes the original and the gzipped files to have the same time stamp, so once all the files were ready to go I has to ‘touch *’ to give them all the same time stamp.
The site that I have running on the VPS gets over 1,000 page views a day and the load and memory usage on the server is tiny. I can easily add other static sites to the server, or increase the amount of traffic to the server without and problems. Now I have a fun little virtual server to play with.