Recently I embarked on finding the optimal NGINX SSL security settings and stumbled across this post: https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html

For a number of reasons, it recommends disabling SSLv3 (as a result of its insecurity), settings AES256 as the standard cipher to utilize and a couple of other things that can prevent attacks. Good stuff to tighten up security on an NGINX SSL implementation.