Delphin has a point there too.
It is pretty much the same reason why SEO just doesn't matter to us. All our members know eachother IRL basically, and new members either meet us at events or in the media (interviews, etc). And then not to mention that the index.php thing is actually a very outdated SEO micro-optimization myth that is obsolate for many years now.
But let me make another point, dear "VictorH". We don't even know who are you. No name, no introduction, no proper saying hello. You are just a random internet name, coming here and telling us around how to do our stuff. Why should we listen to you? Who are you? Why should we give a thought about your advices which are obviously wrong? You can't even look up the IP address of a website! Because if you could, you would not have made your second point.
You say you don't know who to contact with security issues? Sure, we have no mailing list for it, but you see us admins here. There's Ralesk and there's me. You can send us a PM through the forum and that's it. If you do, you could also give an explanation of who you are and what you want.
I really don't understand what makes you think that it is okay, to rush into someone's house and boss the people around in their own house about how they should do stuff. Because basicaly that is what you are doing. You are just a random, nameless guy from the internet we don't know shit about... why shall we listen to you?