What about your instance's users? Are you responsible for what they post on other servers? Even if they aren't posting anything illegal, but just spam? Or being very unpleasant? Is it likely that a popular instance could defederate from you if you have too many users like that? And what about someone making a bunch of bot accounts on your instance?
I'm perhaps a bit too paranoid, when I first got my own server and saw thousands of SSH login attempts in half an hour, and plenty of malicious HTTP requests in the apache logs... I've felt like it's a jungle out there. I've since changed to a different port for SSH, and disabled password login (only SSH keys). Every now and then though, it seems like my non default port is discovered, and I need to change it again, or my logs will be filled with failed login attempts[1]. Perhaps I'm unlucky for renting a server in an IP space that often gets compromised... it's just scary to me, since I've never even shared it with the general public (just a few friends).
[1]: I realize this isn't a big deal, but I'd like to avoid it if I can. Perhaps I should investigate some software that automatically bans abusive IPs.
Thanks for all the info. Some day I'll definitely give it a shot.