Only 256 bit ciphers and higher. No 128 bit or less.
You should ignore old devices that don’t support new technologies. Security is most important thing.
You should enable Strict Transport Security (HSTS). Please note, that you will not be able to access your site via HTTP after enabling this feature. So please don’t use HTTPS only for admin pages. Only for whole site!
You can (yeah, not must) enable HSTS Preloading. After your site will be preloaded, even if you will be hacked and HSTS headers will be removed on server, you will be in safe. Browsers will use HTTPS instead of HTTP.