In order to mitigate a BEAST attack, the advice is to prioritize RC4 cipher suites on your Web server to avoid the use of vulnerable cypher block chaining (CBC) suites. But how well do the clients support RC4?
Ivan Ristić of Qualys did some tests at SSL Labs and saw that only 45 of 48,481 unique IP addresses (0.09 percent) did not support RC4. Of those, he concludes that most disabled RC4 for one reason or another.
The recommendation is still to prioritize RC4 cipher suites; however with such great support of RC4, you may be able to eliminate your Web server’s support for CBC.