Debian

How to set up a web server from scratch?

Hello.
There is a dedicated server (Core i7/64Gb/1Tb) with Debian 7.8 64 minimal image installed. I need to raise a PHP web server based on this server.
For many years I used ISPmanager to configure the server, which installed and configured all the software for me. Those who have used ISPmanager know that it installs classic software in classic bundles (classic = time-tested). In addition, it drags along software that you may not use.
I have a desire to learn how to install and configure all the software myself. I spent a lot of time looking for a HowTo that would answer all my questions, but I did not find anything of value. All HowTos on "setting up a web server from scratch" (from bloggers and big companies like DigitalOcean) come down to a simple "apt-get install apache php mysql". But this is not enough for a production server. I need a HowTo that tells me which php/nginx/apache/fastcgi/php-fpm bundle to use; I would say that it is better to install redis instead of memcache; I would talk about protection against possible attacks. Based on this HowTo, I would like to configure the server to be as productive and secure as possible.
Here ISPmanager installs the php+apache bundle, or maybe the php+php-fpm+nginx bundle is much better and safer? At the same time, the ISP does not install fail2ban, and I looked at iptables - it is empty. I do not need to receive mail on the server, but only need to send, and ISP installs dovecot, and I only need exim. But since I don't know what an ISP does besides installing packages, I get the feeling that it does a lot of things. And if I refuse it and install packages manually, then my server will be full of holes.
I described everything rather chaotically. Maybe I should learn debian first so I don't have to ask questions like this. But still, is there such a HowTo or someone can make such a HowTo to get an extremely modern and reliable server?
Thank you.
UPDATE 30.01.2014 08:13
Судя по ответам, некоторые подумали, что я задал вопрос в стиле "как сделать сайт" или "какой редактор кода лучше", то есть вопрос не имеющий единственно верного ответа и каждый ответ будет субъективен. Так же я не ищу "волшебной кнопки" (волшебная кнопка уже есть - ISPmanager) и не ищу тонкой настройки сервисов (о чем написано на ruhighload.com).
Для такого, чтобы было понятно какую информацию я хочу получить, я задам несколько прямых вопросов:
1. Я скачал с официального сайта образ и установил на сервер debian 7.8 64. На сколько мой сервер безопасен? Моих знаний хватает только на, чтобы видеть 2 уязвимости:
- уязвимость в debian (ошибки в коде, закладки) - от этого я защититься никак не могу, да и никто не может;
- the vulnerability of obtaining a root password by brute force - I can protect myself from this by closing all ports for entry in iptables, opening only port 22 (ssh) for my IP.
That is, in my understanding, "bare" debian becomes bulletproof after closing it from the world with iptables, is that so?
2. So I read the article, and I realized that apache mod_php is best suited for my background PHP server (better than nginx + php_fpm bundles), that is, on bare debian I need to run the command "apt-get install apache2 php5". Then I can use the default php config and add my domain information in the apache config. Next, I supplement the iptables settings from the first question by opening port 80 for input. After which I get a bulletproof web server, is that right?