diff --git a/.gitignore b/.gitignore
index 61d970a274b8dc1a573bf8fd31083ab984197bff..1dc24183ad30092742a351bd094b4ae5573052be 100644
--- a/.gitignore
+++ b/.gitignore
@@ -47,3 +47,4 @@ atlassian*
/var/*
!/var/.htaccess
/vendor
+!/vendor/.htaccess
diff --git a/.htaccess b/.htaccess
index 9f630df0ae681e1dea7bca6587f1d2e082e7a23c..6f4a72079b4ca649a2cc4abb870ee52cfa8107b7 100644
--- a/.htaccess
+++ b/.htaccess
@@ -170,13 +170,81 @@
</IfModule>
###########################################
-## Deny access to release notes to prevent disclosure of the installed Magento version
-
- <Files RELEASE_NOTES.txt>
- Order allow,deny
- Deny from all
+## Deny access to root files to hide sensitive application information
+ <Files composer.json>
+ order allow,deny
+ deny from all
</Files>
-############################################
+ <Files composer.lock>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files .gitignore>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files .htaccess>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files .htaccess.sample>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files .php_cs>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files .travis.yml>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files CHANGELOG.md>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files CONTRIBUTING.md>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files CONTRIBUTOR_LICENSE_AGREEMENT.html>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files COPYING.txt>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files Gruntfile.js>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files LICENSE.txt>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files LICENSE_AFL.txt>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files nginx.conf.sample>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files package.json>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files php.ini.sample>
+ order allow,deny
+ deny from all
+ </Files>
+ <Files README.md>
+ order allow,deny
+ deny from all
+ </Files>
+
+################################
## If running in cluster environment, uncomment this
## http://developer.yahoo.com/performance/rules.html#etags
diff --git a/pub/errors/.htaccess b/pub/errors/.htaccess
index 5a3f0a15d124ed9f66b3fd0e97ad4d6ae7cce0f7..8b6b8e6fff00041cdc996fa70db03542ea6e3978 100755
--- a/pub/errors/.htaccess
+++ b/pub/errors/.htaccess
@@ -2,6 +2,6 @@ Options None
<IfModule mod_rewrite.c>
RewriteEngine Off
</IfModule>
-<FilesMatch "\.(xml|phtml)$">
- Deny from all
-</FilesMatch>
\ No newline at end of file
+
+order allow,deny
+deny from all
diff --git a/setup/config/.htaccess b/setup/config/.htaccess
new file mode 100644
index 0000000000000000000000000000000000000000..281d5c33db37cd1cc887dbb2d36897b897835071
--- /dev/null
+++ b/setup/config/.htaccess
@@ -0,0 +1,2 @@
+order allow,deny
+deny from all
diff --git a/setup/performance-toolkit/.htaccess b/setup/performance-toolkit/.htaccess
new file mode 100644
index 0000000000000000000000000000000000000000..281d5c33db37cd1cc887dbb2d36897b897835071
--- /dev/null
+++ b/setup/performance-toolkit/.htaccess
@@ -0,0 +1,2 @@
+order allow,deny
+deny from all
diff --git a/setup/src/.htaccess b/setup/src/.htaccess
new file mode 100644
index 0000000000000000000000000000000000000000..281d5c33db37cd1cc887dbb2d36897b897835071
--- /dev/null
+++ b/setup/src/.htaccess
@@ -0,0 +1,2 @@
+order allow,deny
+deny from all
diff --git a/setup/view/.htaccess b/setup/view/.htaccess
new file mode 100644
index 0000000000000000000000000000000000000000..281d5c33db37cd1cc887dbb2d36897b897835071
--- /dev/null
+++ b/setup/view/.htaccess
@@ -0,0 +1,2 @@
+order allow,deny
+deny from all
diff --git a/vendor/.htaccess b/vendor/.htaccess
new file mode 100644
index 0000000000000000000000000000000000000000..cb24fd7fc0b3a0e46f6cad19e834117476bd0341
--- /dev/null
+++ b/vendor/.htaccess
@@ -0,0 +1,2 @@
+Order allow,deny
+Deny from all