Hello,
By default, your router is configured to reject any external traffic/connections, which are not allowed by some specific rules. Default configuration is set to only accept DHCP renew requests, reply to ping packets, and allow IGMP.
Adding a limit of HTTP(S)/SSH connections can be an additional step, when you know your network, and have a good estimate of a number of connections at a given instance, but these are excessive, if you want to have protection from remote connections as these are rejected by default and only apply for internal usage.
Having protection from TCP packets with certain combinations of flags enabled is good to have, just keep in mind that it requires additional processing capabilities and might reduce maximum achievable bandwidth.
The only change you can attempt is in Network -> Firewall page, where instead of having REJECT set for undesired traffic, which sends a reply to the connecting host, you can set DROP, which does not produce any reply to the sender.
Best regards,