Currently, after given permission:
chown -R root:www-data /etc/phpmyadmin/
chown -R hestiamail:www-data /usr/share/phpmyadmin/tmp/
Phpmyadmin gui is made to public, how to make it available only to logged in users?
Well, I will not give you a solution but share what I have implemented.
I do not use the default location of /etc/phpmyadmin/, i.e. I do not install it and this, it is not available in HestiaCP. I install it manually in a seperate directory under a different user and under a subdomain. For example:
/home/user/web/mydomain.com/public_html/admin/phpmyadmin
This directory - either admin or phpmyadmin - is protected by .htaccess.
Thereafter, you can have an access in different ways to the phpmyadmin/index.php and it will be protected. For using with multiple users, this work around can be achieved differently and needs to be worked out. This installation should be updated manually as it will not get updated automatically.