Once SSL is enabled you can specify which client ciphers will be allowed. By eliminating both SSL 2.0 and SSL 3.0 ciphers that are less than 128 bits, you can ensure that only "stronger ciphers" can access the server.

Specify preferred ciphers under Server Preferences > Encryption Preferences. If you disallow all ciphers below 128 bits, when a 40-bit client hits the server the following error will be logged:

[<time stamp>] failure: Error receiving connection (SSL_ERROR_NO_CYPHER_OVERLAP)

Please do not confuse Encryption Preferences with the Stronger Ciphers commands under Server Preferences. Here the "secret key size" of the browser/server session is queried. This is exactly the same as watching the HTTPS_SECRETKEYSIZE environment variable during a secured CGI session.