I can see that there’s a lot of bots/scripts that scan a lot of directories (very common vulnerability scan), including phpmyadmin.

SUGGESTION:
Change the vhost config of phpmyadmin - so that it’s ONLY accessible from localhost (127.0.0.1).

THEN:
In the Control Panel - you would need to remove the hyperlink to phpmyadmin and replace it with maybe an IFRAME ?

That way you can only allow browsing to the phpMyadmin from the ControlPanel itself and not have it opened to the public.

I know this can be achieved by Firewall rules, but at the moment - phpMyadmin is hosted on the same port as the actual control panel.
And you might want that opened up.

maybe an IFRAME

I don’t think iframe would help as it loads content using web browser and not server. Some kind of local proxy should do.