Is there anything that would at least make hacking the game a pain? Some sort of deterant?
1) you can do server side validation on action, logic & network packet format, once a validation failed => logout the user and only enable him to log again after n seconds ( or 1 minute ), this is what will give the most pain to a guy trying to hack your game beacause each time he will try something wrong he will have to wait to make another try (he wont be able to do tests flood)
2) but the most secured way (that cannot work in all case, especially when a game requiering too much computation per client) would probably be to perform all the logic server side and only let the client act as a remote controller & passive viewer, this way your game may not be hackable (as long as your server itself is not hackable too), this is for example what is used for online poker game where a lot of money are engaged and in wich security is important, note that it can also be used in a not turn-based game, for example I use this in a game I am being working on at the moment wich is not turn based
3) = 1 + 2