If you care about the scoreboard you have to figure out something to better validate the score sent from the client. The current mechanism is broken in 5 minutes. (The single Cheater entry in easy scoreboard was by me, sorry, but we are in beta so I had to test if it was as easy as it looked. I won't do more.) Remember everything that is in the game client can be read, obfuscation helps a bit but not much. Ultimately there is no protection, because with global scores you only need a single person to break the protection to mess it up for everyone else
A simple workaround would be to use accounts for the scoreboards. This way people who submit hacked entries can get removed and banned. This requires that you store more than just the Top 10 scores because once an entry is removed the older entries need to fill it up. If you don't want to actively monitor the scoreboard you could allow each player to decide themselves whose entries they want to filter out.
Another workaround with less work for you is to use time-based scoreboards, so hacked entries will become less relevant the older they are. Of course as long as a single hacker is interested in the board he can keep messing it up daily.
Well this were just ideas. I don't know how much you care about the scoreboard, but a good one needs some love and work to protect it from hackers. I added some more ideas here
PS: Also the server holding the scoreboard data is not protected, you didn't even disable directory listing. I was able to browse to the page with the crash reports people submitted. (Not that I could use them for anything, but still!) On the score server you should disable directory listing and any other service you don't need. Also pages not used by the client (like the viewing of crash reports) should require authentication, so only you and your staff can use them. If you move them to a subdirectory you can protect them by a simple .htaccess file.
