Recommendation for securing Apache, nginx, and Lighttpd
Recently, I was working with the web administrators at a company, who had stated that they failed a security audit, due to lax ciphers on their web servers.
When they asked for my recommendations, I immediately pointed them over to Cipherli.st for a list of very useful recommendations for securing their Apache web servers. I highly recommend the advice they give on ciphers.