Its been a while since we got the issue that one of our demo site themes has been ripped and download for free. As to protect others atleast the themes in SE.
To make all .css files protected and disallow others to download your hardwork, you need to open the .htaccess file at /application/themes/.htaccess and remove the css at tag, heres the basic .htaccess.
deny from all
<FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|swf|ttf|eot)$">
allow from all
</FilesMatch>
In-case you have a css inside one of your themes e.g. /application/themes/default/externalcss/fonts.css, you can simply add add a .htaccess to that folder:
allow from all RewriteBase /application/themes/default/externalcss/
Hope this helps! Cheers!