You’ll be ok as long as whatever software you’re running that is listening to 80 and 443 never has an exploitable vulnerability, if it does… you may be in trouble depending on the vulnerability.
Or be careful of the service on the other side of your (I assume) reverse proxy, should it have a vulnerability you may still be in trouble depending on the setup of the reverse proxy and what it’s config is.
Ah yes. More dollars spent where we shouldn’t be spending it.
Using ESXi as a hypervisor , so I rely on Veeam. I have copy jobs to take it from local to an external + a copy up to the cloud.