By now I am sure many of you have heard about the POODLE attack on SSLv3. If you are still supporting allowing clients to downgrade to SSLv3 you may want to stop this practice. It's easy and requires one change to your configuration:
SSLProtocol -all +TLSv1 +TLSv1.1 +TLSv1.2
If you are using any SSLv3 only ciphers however, you may have to remove them as well.
On your browser's side, you should also disable SSLv3 in it as well. This way you can be sure it can never downgrade the connection to SSLv3. One of my trusted info security websites has set up a browser test at
https://poodletest.com/
Edit: typos typos
For firefox you can install https://addons.mozilla.org/en-US/firefox/addon/ssl-version-control/ to disable SSLv3 support
Or simply set in about:config
security.tls.version.min = 1
Poodle is back also for TLS https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8730
Still a valid config is
SSLOptions +StrictRequire +StdEnvVars -ExportCertData
SSLProtocol -all +TLSv1 +TLSv1.1 +TLSv1.2
SSLCompression Off
SSLHonorCipherOrder On
SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:!LOW:!MD5:!aNULL:!eNULL:!3DES:!EXP:!PSK:!SRP:!DSS
More info:
https://community.qualys.com/blogs/securitylabs/2014/12/08/poodle-bites-tls