XP/IE8 HTTPS support :(

I have a few users that are having issues with my website now that I
disabled SSLv3. Turns out the only cipher that would/should work with
XP/IE8 is TLS1.0: “TLS_RSA_WITH_3DES_EDE_CBC_SHA” (there are two RC4’s
that also work, but I understand that is really not recommended).

Can anyone tell me how to add this to my ssl_ciphers? (I don’t fully
understand the shorthand in the list.)
I see that, based on a recommendation, I do have “!3DES” in the list.
If anyone has any other recommendations to support XP/IE8 with TLS1.0 in
the most secure manner, I appreciate all feedback!

Also, if I put this one last in the list, can I assume it will be the
least preferred by nginx?

Thank you again,
AJ

Try this;

ssl_prefer_server_ciphers On;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers
ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!eNULL:!MD5:!DSS;

Works with IE7/xp, sslabs is ok with this as well.

Posted at Nginx Forum:

Also, if I put this one last in the list, can I assume it will be the
least preferred by nginx?

Read here:
https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configuration

Lukas