+SSLProtocol all -SSLv2 -SSLv3
+
+# Compression is rarely supported and vulnerable, see CRIME attack
+SSLCompression Off
+
+# Allow insecure renegotiation with clients which do not yet support the
+# secure renegotiation protocol. Default: Off
+#SSLInsecureRenegotiation on
+
+# Whether to forbid non-SNI clients to access name based virtual hosts.
+# Default: Off
+#SSLStrictSNIVHostCheck On