To be efficient, the server cipher order should be used: # Mitigate B.E.A.S.T attack SSLHonorCipherOrder on SSLCipherSuite RC4:HIGH:MEDIUM:!ADH:!MD5:!SSLv2 SSLProtocol all -SSLv2 Regards -- Mathieu Parent