I have been getting these messages in apache error.log for a long time:

[client 217.197.152.228] File does not exist: /var/www/phpmyadmin
[client 217.197.152.228] File does not exist: /var/www/pma
[client 217.197.152.228] File does not exist: /var/www/admin
[client 217.197.152.228] File does not exist: /var/www/dbadmin
[client 217.197.152.228] File does not exist: /var/www/myadmin
[client 217.197.152.228] File does not exist: /var/www/PHPMYADMIN
[client 217.197.152.228] File does not exist: /var/www/phpMyAdmin

And much more different addresses. Appears like somebody is attempting to guess where my admin programs are situated. What must i fear in cases like this, and exactly what a understanding of my admin addresses can provide to attacker, if things are password protected?

If things are locked lower well, fear nothing. These are merely automated attacks which happen to each URL around. Same factor transpires with me, and that i don't even run PHP on my small server.

Without having the most recent patches (like on say, WordPress), then yes this can be a large problem, only one that's relatively simple to repair.

for those who have admin or restricted folders you can configure it in htaccess to limit access simply to your ip or ip range such as this

<Directory /var/www/AdminFolder/>
    Options FollowSymLinks
    Order Deny,Allow
    Deny from all
    Allow from 128.98.2.4 # your ip only
</Directory>

It are only a great choice for those who have static ip, however you'll be completely certain you ll be the sole someone to get inside adminfolder

When they look for a login page they might attempt to perform a brute force attack or any other password cracking approach.

In these instances if there's an IP that's consistently exhibiting such behavior we block it with denyhosts and ModSecurity.