The directadmin.conf option

ssl_cipher=

has an internal default value of 'null' (not used). If anything is set for that variable (it has to be added), the value is passed to the OpenSSL function SSL_set_cipher_list so as to enforce which versions of SSL are allowed to connect. The main reason to use this feature is to pass low-level security scans which don't like SSLv2.

A sample value for this option would be:

ssl_cipher=ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

A strict cipher would be (for PCI compliance):

ssl_cipher=SSLv3

Other reported ciphers for PCI compliance (Trustwave):

ssl_cipher=HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL
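
To check what each of these values actually enables before a scan, the string can be expanded against a local OpenSSL build. This is an added example, not DirectAdmin's code: it uses Python's ssl module (whose set_ciphers calls SSL_CTX_set_cipher_list), it assumes that Python's OpenSSL is close enough to the one DirectAdmin links against, and the function names expand and audit are hypothetical.

```python
import ssl

# The three ssl_cipher values quoted in the note above.
SAMPLES = {
    "sample": "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP",
    "strict": "SSLv3",
    "trustwave": "HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL",
}


def expand(cipher_string):
    """Return the suites this Python's OpenSSL enables for a cipher string."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    try:
        ctx.set_ciphers(cipher_string)
    except ssl.SSLError:
        return []  # the string selects no usable suite on this build
    # With OpenSSL 1.1.1+ the TLS 1.3 suites are configured separately,
    # so they are listed whatever the string says.
    return ctx.get_ciphers()


def audit(cipher_string):
    """Group the enabled suites by the weaknesses scanners usually flag."""
    report = {"total": 0, "anonymous": [], "null_encryption": [],
              "rc4": [], "below_128_bits": []}
    for suite in expand(cipher_string):
        fields = suite["description"].split()  # e.g. Kx=ECDH Au=RSA Enc=...
        report["total"] += 1
        if "Au=None" in fields:
            report["anonymous"].append(suite["name"])
        if "Enc=None" in fields:
            report["null_encryption"].append(suite["name"])
        if "RC4" in suite["name"]:
            report["rc4"].append(suite["name"])
        if suite["strength_bits"] < 128:
            report["below_128_bits"].append(suite["name"])
    return report


if __name__ == "__main__":
    print(ssl.OPENSSL_VERSION)
    for label, value in SAMPLES.items():
        result = audit(value)
        print(f"{label}: ssl_cipher={value}")
        for key, found in result.items():
            print(f"  {key}: {found}")
```

The result depends on the OpenSSL version in use, so run it on the server that hosts DirectAdmin.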