It looks like you're new here. If you want to get involved, click one of these buttons!
I would suggest to make vulnerability discovery in Vanilla harder by removing web access to the cache directory (or relevant parts of it). E.g. http://vanillaforums.org/cache/p_core_library_map.ini
I suggest adding some rules to the .htaccess file that comes 'preinstalled' with Vanilla.