ANSWER: We default completely to CloudFlare for our TLS ciphers by using the default OpenSSL configuration on Nginx and keeping that updated to Nginx “dev” release. That means the TLS ciphers are set by CloudFlare and their Comodo CA certificate and not by LittleBizzy.
While its possible to support older versions of TLS ciphers by ditching CloudFlare or manually adding “old” ciphers to Nginx server blocks, we don’t recommend or allow this. Using modern TLS ciphers is a good idea because it means the best in security for your visitors.
Look at all these “insecure” ciphers that the HTTP/2 projects warns about:
In conclusion if any of your users are seeing SSL errors tell them to upgrade their browser to latest (or somewhat recent) version and it should be fixed.