Dear Sir,
I have gone through most of the pdf. Most of the open port are important to be opened. Mail port. Few need to block. The best way to protect the site is configure firewall and inspect incoming activities monitoring with threats protection.
I'm interested in your project and can help you to troubleshoot your issues.
Please feel free to contact me if you have any queries.
Best Regards,
Tanvir Rumman