If you are going to open all the ports to the internet. Keep the machine patched 100% and keep on top of all security advisories for all of your applications or your server will be hacked. Unless if you’ve modified the server signature explicitly within the server software (dont know if you can do that with IIS), people or bots will find out you are running windows, but viruses and bots will hit your server regardless of OS looking for holes. There are windows bots as much as there are linux bots. Ideally, all ports except those you are using should be closed.
If you already know this information, great! I see too many people starting servers thinking its all fun and games and is a set-it and forget-it hobby only to wonder why their server is “acting funny” after a day or two.