For a small webshop I want to enable bitcoin payments. Since the good old blockchain.info wallet doesn't support json-rpc anymore, I would like to use electrum.

I have electrum running on a raspberry pi successfully. Queries run wel locally. My website is on shared hosting somewhere else. I would like to query electron via stratum/json-rpc from the webserver. However, Electrum only accepts connections from localhost, not from 0.0.0.0,  according to netstat.

Two questions that pop up:
1. How can I configure Electrum to accept connections from outside?
2. How safe is opening up a port to the outside world? I want to use ip restrictions in my local router.  Further security would be using ssl, but ssl over json-rpc is not recommended. Ssh tunnels are not available on shared hosting either.