Sigh.
1. Do not use web-based database management.
2. Keep separate users for each database; never use root for anything other than user management.
3. Disable remote access to the root account.
4. Use your server computer as a server, not as a home computer.
5. Use secure passwords containing mixed case, ASCII and numbers.
6. Use a hardware and software firewall and allow a minimum number of connections. Also keep connection logs.
7. Use a proper antivirus and never install stuff on the computer if you don't know if it's safe or not.
8. Keep your Apache, PHP, MySQL, AAC, as well as Windows (or Linux), your firewall and antivirus updated.
9. Use MD5/SHA1 passwords on your OT server's account passwords.
10. Have knowledge in what you're doing so that you can fix problems/security issues in case they occur. (For example, if you use an AAC, have knowledge in PHP/web design.)
Follow those 10 steps and your server will be under no risk of getting hacked unless you encounter a hacker who can hack NASA/FBI/CIA.
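
Points 2 and 3 of the list above on a MySQL server, as an added example that is not part of the original post. The database names `otserv` and `aac_site`, the account names and the password placeholders are assumptions made for illustration.

```sql
-- Added example (not from the original post). All names below are hypothetical.
-- Run once as root from the server's local console, then stop using root
-- for anything except account management.

-- Point 2: one account per database, each limited to its own schema.
CREATE DATABASE IF NOT EXISTS otserv;
CREATE DATABASE IF NOT EXISTS aac_site;

-- 'localhost' means the account can only log in from the server itself.
-- Replace the placeholder passwords before running.
CREATE USER 'otserv_game'@'localhost' IDENTIFIED BY 'REPLACE_WITH_LONG_RANDOM_PASSWORD_1';
CREATE USER 'aac_web'@'localhost'     IDENTIFIED BY 'REPLACE_WITH_LONG_RANDOM_PASSWORD_2';

-- Data privileges only: no DROP, ALTER, FILE, GRANT OPTION or global rights.
GRANT SELECT, INSERT, UPDATE, DELETE ON otserv.*   TO 'otserv_game'@'localhost';
GRANT SELECT, INSERT, UPDATE, DELETE ON aac_site.* TO 'aac_web'@'localhost';

-- Point 3: list every root account that can be reached from another host.
-- An empty result means remote root login is already disabled.
SELECT user, host
FROM mysql.user
WHERE user = 'root'
  AND host NOT IN ('localhost', '127.0.0.1', '::1');

-- Remove the wildcard root account if the audit above returned it.
DROP USER IF EXISTS 'root'@'%';

-- Audit: accounts other than local root that hold any global privilege.
-- The per-database accounts created above should not appear here.
SELECT grantee, privilege_type
FROM information_schema.user_privileges
WHERE privilege_type <> 'USAGE'
  AND grantee NOT IN ("'root'@'localhost'", "'root'@'127.0.0.1'", "'root'@'::1'")
ORDER BY grantee, privilege_type;

-- Confirm what each application account can actually do.
SHOW GRANTS FOR 'otserv_game'@'localhost';
SHOW GRANTS FOR 'aac_web'@'localhost';
```

The game server and the AAC then each connect with their own account, so a compromise of one does not hand over the other database or the root account.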