C3rd

Nowadays its very important that you configure your Server's SSL right. So one thing to test your configuration is enter your website at Qualys SSL Server Test and get your score. So far, I can score A+ for this unlike the security headers, I only get "A". Its very simple to achieve this, just edit /etc/apache2/conf-available/ssl.conf and change following:

SSLProtocol all -SSLv2 -SSLv3

SSLHonorCipherOrder on

Then save your changes and restart your Apache. That's it! You should get an A+ for that. Note: It was just recently that you have to turn on that SSLHonorCipherOrder or "Apache for Forward Secrecy" to ON. Reference: https://www.digicert.com/ssl-support/ssl-enabling-perfect-forward-secrecy.htm