In general you can't, and you should probably focus your effort in making a compelling game rather than preventing cheating. People can cheat in many types of games, and mostly they don't (particularly if it's single-player).
I'm often amazed over how willing some players are to "cheat", even if it just means getting a top position on some highscore list, and gives them no benefit at all, except possibly bragging rights to their friends. (who probably mostly will think he just is a douche anyway)
The problem is that if cheating is too rampant, it can also seriously hurt how enjoyable the game is for the rest of the players.
Of course it is significantly easier to crack a program where you get the full source code (as in html5), instead of just a compiled binary, even though the latter ofcourse do not stop the dedicated "cracker".
So I think putting at least some hurdles in the way is a good idea, specially if "cracking" otherwise would just mean to figure out what http-request to put in your browsers adress bar. It will significantly lower the number of successful attempts, hopefully to a level where it does not destroy the enjoyability for the people who are interested in actually playing the game.
One example of a way, is to send a bigger portion of the final game state to the server for validation, instead of just the achieved score.
Send some key data (like positions and velocities, simulation time spent, mouse clicks done, etc), and validate if they are within reasonable limits, maybe even compare them to previous validated highscores.
Bigger blocks of data is also a bit trickier to figure out.
Then add some obfuscation too