Ok, well. The .htaccess of wordfence protects some screenshots (not really useful i think) and the readme.txt (useful because this hides the version of wordfence) and also the .htaccess (not useful, because this file is protected from being read by default, at least on a basic Debian/Apache installation).
As this .htaccess does not protect any other files as these, what you can probably do is just remove the .htaccess file and rename the readme.txt.
Does anybody have an opinion on this ?