Force phpMyAdmin to use HTTPS
To force phpMyAdmin to use HTTPS before prompting for your .htaccess password, you can use an Apache 2.4 If
block.
(This could be used for other URLs as well, and probably should be used before anything that takes credentials to avoid leakage.
<If "! -T %{HTTPS}">
RewriteEngine On
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</If>
Test, and you should see the HTTPS redirect before the .htaccess prompt.