Many users still are not aware but simply patching OpenSSL does not secure you against many known and easy to exploit attacks that will render your encryption useless by an attacker.
Use the following setings in /etc/httpd/conf.d/ssl.conf
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !CAMELLIA !SEED !3DES !RC4 !aNULL !eNULL !LOW !MD5 !EXP !PSK !........
Other Security Web SitesSeveral websites actively track security issues. This list provides you with the major providers
of security information on the Web. Many of these organizations also provide newsletters and
mailings to announce changes or security threats:
Center for Education and Research in Information Assurance and Security (CERIAS)
CERIAS is an industry-sponsored center at Purdue University that is focused on technology and