The first tip for setting the cipher suite in Apache httpd is incomplete without:
SSLHonorCipherOrder On
Without it, the client's preference is used, which may be a slower cipher in your list. You'll want to revise your SSLCipherSuite directive and there's nothing wrong with specifying individual ciphers instead of aliases when using such a short list.
You'll also want to monitor the effects of the change. Before you do anything, make sure you're logging SSL information with something like this:
Collect some data for a few days, then update your cipher suite. In most cases, you'll probably want to see RC4-SHA (for now), since it's fast, widely supported and immune to BEAST attacks.
You'll also want to monitor the effects of the change. Before you do anything, make sure you're logging SSL information with something like this:
Collect some data for a few days, then update your cipher suite. In most cases, you'll probably want to see RC4-SHA (for now), since it's fast, widely supported and immune to BEAST attacks.