Recently I embarked on finding the optimal NGINX SSL security settings and stumbled across this post:

For a number of reasons, it recommends disabling SSLv3 (as a result of its insecurity), settings AES256 as the standard cipher to utilize and a couple of other things that can prevent attacks. Good stuff to tighten up security on an NGINX SSL implementation.