Mqtt broker. Payed or is it safe to open a port to public?

Not directly a NR related question but i only use mqtt with Nodered
I want to do things with mqtt outside my house. Is it safe to open a public port or is it more safe to use a payed service?? Anyone experience with this?
Or any advice how to protect my mqtt broker to ugly bad programmers from the darkside?

What sort of things?

Send and receive sensor data from sensors around the city

The safest way would be to enable TLS encryption between clients & broker.
That's why I asked 'What sort of things', because you would need to add a TLS CA certificate to each of the clients, and depending upon the clients that's not always possible.

aha ok clear, all wil;l be with a raspberry pi so i guess that wont be a problem? I am not very used to that part

Setting up MQTT TLS isn't the easiest task to do... but this guide could help you create the certificates
If you scroll towards the bottom of the blog, Steve has even written a shell script which makes it even easier.

Cool! Even with a link. Thanks Paul!