SSL-Labs provides a simple ssl analysis, it states:
This server is vulnerable to the OpenSSL CCS vulnerability (CVE-2014-0224) and exploitable.
Can you prove that you're not using an attackable openssl version?
You also provide an incomplete certificate chain:
StartCom Class 1 Primary Intermediate Server CA is not send by your server.
And you should consider to use 4096bit modulus.
And you're accepting RC4: