Asterisk mini http security

I em planning to enable WebRTC from our public web server to our Asterisk server. The main goal is that visitors on our web page could make free call to us. To achieve this, I should allow tcp 8088 (mini http), and udp 10.000-20.000 (RTP) traffic from everywhere to our Asterisk server.

Now I em concerned about security. I em not aware what could be done with the access to the mini http server, and how to protect my system from that.

Can you please inform me what I should take care about, and how to handle this situation.

Thank you in advance on your reply and best regards.