Best way to not get hacked, is to not use any web-based database access, and for the love of god, do NOT use root as the account to connect your server/AAC to the mysql db, its like asking to get your entire DB deleted.
Simple solutions for a secure database/server:
1. Do not use web-based MySQL database managers, use the tools made by MySQL (Administrator & Query Browser), or navicat if you cannot figure out how to use the MySQL ones, and perferrabley disable remote root-access, unless you're planning on doing alot of database management on root from another computer. (But i doubt you will have reason for that anyways)
2. For connecting your server/AAC to the database, create a new user and ONLY give it privileges to access your OTserv database, nothing else.
Dont EVER use the Root account for anything else than database management and user/server management!
3. Keep your MySQL, Apache and PHP up to date, new releases means new bugfixes and security-fixes.
4. Use long multi-cased numeric ASCII passwords made from made-up words of your own (or words from your own language), so they cannot be bruteforced easilly, a good example would be "fR4gZ03r@d4T0r*U/\/dUl4t5567" or "chW4rtZ3@@k4tZ3***n13Z3895", it may be a bit annoying to type, but it keeps your database safe from most conventional dictionary bruteforcing.
5. Get a router and a good firewall and keep all ports closed exept for the ports needed for Server/Apache/Mysql, and have the firewall keep a log of any connection which connects to your Apache/MySQL which is not from your own computer. (If only programs on your server is meant to connect to your database/whatever, it wouldnt make sense if another IP attempted connecting, would it?)
6. Do frequent database backups, perferrabley several times a day, on a separate drive (USB stick, portable harddrive, etc) thus even if the worst were to happen (Like your dog suddenly gaining "haxxor skills" and deciding on deleting your OTserv database), you will always have an up-to-date backup to restore.
Sure, there is no thing as the "perfectly secure computer", even NASA and FBI and CIA has been hacked, the only way to be perfectly secure is no not use the internet at all, but the tips mentioned above will at least elevate your server beyond the reach of most script-kiddie hackers.