HTTPS Encryption is a hot topic these days.
With TLS1.0 coming to end you are advised to disable all protocols lower than TLSv1.1.
Please follow the guide underneath to only allow TLSv1.1 and 1.2 with strong Ciphering:
Edit your vhost configuration and add the following options at your certificate settings:
SSLEngine On SSLProtocol all -SSLv2 -SSLv3 -TLSv1 SSLCipherSuite HIGH:!aNULL:!MD5 SSLHonorCipherOrder on SSLCompression off SSLSessionTickets off
After this reload apache and run a test on SSLLabs.com
In case you still experience poor results check the following files for overruling SSL Protocol and Ciphering settings.
The same settings like SSLProtocol and SSLCipherSuite are probably listed underneath. You can comment them out using a hash (#) or put the settings above in these files.
In case of Apache2 (Debian/Ubuntu):
In case of HTTP (CentOS/RHEL/Fedora):
If Let’s Encrypt is installed: