Here at Total Server Solutions we spend a lot of time ensuring our servers are PCI compliant. Some of our clients on VPS systems and on dedicated servers, however, may not be 100% compliant because of their own internal server management and software control. One of the more frequent items that comes up is the "Weak Ciphers" flag. The ciphers that we recommend at Hands-on Web Hosting are the following:

ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!SSLv2:+SSLv3:+TLSv1:RC4+RSA:+HIGH:+MEDIUM

The above settings are stronger encryption than what most PCI companies recommend, but they are accepted as compliant by the top 4 PCI scanning companies. To modify the ciphers, go into your WHM, click APACHE CONFIGURATION under the SERVICE CONFIGURATION section, then enter the above ciphers into the first part of that page. Once you click save, it will ask to rebuild the Apache configuration; click that too. Have the PCI company re-run the scan and the ciphers should pass without an issue.
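
Before pasting a cipher string into WHM, it helps to confirm what each token in it does. The following is an added example, not part of the original article or of WHM: it parses the OpenSSL cipher-list syntax used above and reports any weak class that is not permanently excluded with `!`. The function names and the `MUST_EXCLUDE` list are assumptions made for this illustration.

```python
import re

# Cipher string copied from the article above.
CIPHERS = ("ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!SSLv2:"
           "+SSLv3:+TLSv1:RC4+RSA:+HIGH:+MEDIUM")

# Assumption: the classes to check are the ones the article's own string
# excludes. The check is literal; it does not know that aNULL covers ADH.
MUST_EXCLUDE = ("aNULL", "eNULL", "ADH", "LOW", "EXP", "SSLv2")

# Meaning of a leading character in the OpenSSL cipher-list format:
#   !  delete permanently (later tokens cannot re-add the ciphers)
#   -  delete, but later tokens may add the ciphers back
#   +  move matching ciphers already in the list to the end
ACTIONS = {"!": "kill", "-": "remove", "+": "move-to-end"}


def parse(cipher_string):
    """Split a cipher list into (action, [keywords]) pairs, in order."""
    rules = []
    for token in re.split(r"[:, ]+", cipher_string.strip()):
        if not token:
            continue
        action = ACTIONS.get(token[0], "add")
        body = token if action == "add" else token[1:]
        # Inside a token, '+' is a logical AND (RC4+RSA = RC4 with RSA).
        rules.append((action, body.split("+")))
    return rules


def lint(cipher_string, must_exclude=MUST_EXCLUDE):
    """Return the classes that are not permanently excluded with '!'."""
    killed = {kw[0] for action, kw in parse(cipher_string)
              if action == "kill" and len(kw) == 1}
    return [name for name in must_exclude if name not in killed]


if __name__ == "__main__":
    for action, keywords in parse(CIPHERS):
        print(f"{action:12} {' AND '.join(keywords)}")
    missing = lint(CIPHERS)
    print("not permanently excluded:", ", ".join(missing) or "none")
```

A class removed only with `-` is reported as missing, because a later token in the string can add those ciphers back.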