Here are some configurations in Apache and PHP needed to make your server PCI compliant.
Only allow secure SSL versions (version 3 and TLS 1)
SSLProtocol -ALL +SSLv3 +TLSv1
Only allow secure Ciphers
Keep PHP from giving out info about itself (php.ini)
expose_php = Off
Also of note, PHP 4 is dying. Need to move to PHP 5 asap.