FreeBSD/Nginx/MySQL/PHP/et al: tuning and monitoring security/performance

For some time now I've had an idea regarding a web project. Recently I decided to stop pondering and just give it a go. Since I already have some previous FreeBSD experience (got a ZFS NAS at home) and also have some WordPress knowledge, this is what I basically ended up with:

A cheap 5$ FreeBSD VPS from DigitalOcean.
Nginx + MySQL + PHP + WordPress.

However, as I've been building my site/project, I realised that I really have no clue how to properly secure and tune the performance of the above, as this is my first time running anything completely wide-open and facing the public internet. What are some good resources on the subject? Additionally, what would be a good free choice for monitoring (and drawing pretty graphs) system performance, resource usage and managing services?

A good starting point is security(7). This thread will also be helpful: Thread 4108/

As for monitoring, I'm quite fond of Zabbix but it might be a bit overkill for a single machine. Munin is a bit 'simpler' and quite popular. For site statistics you may want to have a look at www/awstats, simple to set up but will give you a lot of information. Make sure you secure it properly though; it's a popular target for hackers.