Apache Howto - Perfect SSL Security

I often get asked for the best way to ensure perfect A or A+ level of SSL security on Apache web servers. So to answer that particular question, here is how I go it.

Firstly, adding the following to /etc/apache/config-available/security.conf to ensure the SSL security across all virtual hosts:

<IfModule mod_ssl.c>
  SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
  SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
  SSLHonorCipherOrder On
  SSLCompression off
</IfModule>

Once you have added this to the config file, just restart apache and boom, security.