disable SSLv3
SSLv3 is insecure.
See https://www.openssl.org/~bodo/ssl-poodle.pdf http://heise.de/-2424122 (german)
It should be disabled in general or there should be at least an option to disable it.
workaround: copy /usr/local/ispconfig/server/conf/nginx_vhost.conf.master to /usr/local/ispconfig/server/conf-custom and add ssl_protocols TLSv1 TLSv1.1 TLSv1.2; after the two lines starting with ssl_certificate_key
Thanks for your great software, Sven