There are only 3 potential security vulnerabilities I can see.  They should be addressed as best as is practical to improve investor and player confidence in the site.

1. The OP is running a scam to fleece investors.  Since there is no way to blind the OP to the server seed, investors have no choice but to assume the OP is honest or to not invest.

2. The implentation of the RNG is flawed.  It would be useful to review the RNG implementation and see if there are any possible ways to further ensure the results are truly random with no predictable pattern.
Some ideas:
A. Perhaps re-randomizing the server seed every roll would help since nonce would always be 1. If this was too taxing on the server, then only re-randomize the server seed every roll for bets over a certain size (eg. 10 BTC).
B. Pull random numbers from a hardware RNG.  Could use a site such as random.org (my concern though would be trading the risk of the OP for risk of a new entity).  This random # would be used as the server seed (cannot be used as the seed # for hashing since would not be provably fair).

3. Security of the server.  This is the biggest concern since hosted on a cloud VPS.  A VPS employee could be compromising the server directly.  Solution would be to move to a dedicated server for increased secured which would seem prudent (even if this is not the issue with nakowa's improbable wins).  Millions of USD worth of bitcoins are at stake afterall.