This piece of shit site is a snitch site to enable fascists to harass drag queens, any children attending these events GNC people in general, and any parents who would dare attend an event which encourage their child to read.
It needs spam. And it needs it now.
Not really. Once the socket is open, it going to be associated with an IP address somewhere in the OS's network stack. None of this happens at the application layer (and 'applications' like Apache/Nginx are among the most hardened things out there, for what its worth). I think this is the wrong approach.
If there is any hope, it is looking for some mistake in the server configuration. Maybe they have a shitty firewall set up and you can connect to a database or the PHP-FPM module from outside. Maybe they have extra, unneeded services running on the server which expose additional attack surface. Maybe they used a dictionary word as their SSH password. All of this would require not only gross negligence, but self-defeating intervention on their behalf though (default settings tend to be secure. You have to go out of your way, read a bunch of tutorials, and do the opposite of what they say to open up holes like this).
Things might get easier if they are running some large, convoluted web application like Drupal or Wordpress. I can't tell you how many bots would show up in my HTTP access log checking to see if Wordpress was installed. This also takes time though. Usually the weaknesses develop from them setting everything up once, then never updating it.
This is all hypothetical though. Don't get arrested.
In my experience PHP is rarely safe lmao but like you say this is hypothetical