The issue probably is not so much that your server could get compromised, simply reading values off a socket is safe in PHP, unless PHP itself has got a bug.
I would rather be concerned about arbitrary users being able to connect to any service on the internet. Depending on how you implemented it your machine could be used to send out spam, to help in a DDoS or other kind of attacks.
So:
- Disallow certain ports to be entered (Everything < 1024 is a “well known” port)
- Disallow certain IP ranges (such as
10/8
,127/8
) - Disallow anything else that cannot be a sane value
- Rate limit it
- Keep track of the actions execute in case your machine is used for something malicious