It's no different from the rest as far as I can tell. It depends on what it needs to do and how paranoid you want to be. The firewall rules are up to you, as well as the services running.
I recommend you only allow shell logins using ssh.
If you are running a web server that has upload or some other service that may require logins to gain access like mail, make sure that the passwords and usernames can only be sent using secure ports. If you are doing ftp don't allow anything but anonymous, and if it has upload make sure it is on a seperate partition, and that the folder is hidden, and don't allow read access to the upload folder.
sftp is good if your clients have it.
I prefer https for uploading and accessing my upload folder. the connection is secure and it's easy to use with any client.
use good passwords, check log files for failed logins, use rules that only allow what you need. Check for known vunerabilities in services you use.