Today the work webserver was identified as being susceptable to CVE-2014-3566 comonly referred to as POODLE. It appears to be related to
With some reading and a chat with 'andre' online I was pointed at this website https://cipherli.st/ with details for ensuring apache and many other applications are configured securely. Milage may vary dependant upon versions installed ;)
Essentially I took to removing
SSLv3, employing the suggested ciphers and forcing their order. I take no credit for this - it's all on the page.
Basically, the httpd.conf SSL entries are updated to these:
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 SSLHonorCipherOrder On