You want to disable SSL ciphers.
Unfortunately we do not have the ability to disable specific ciphers. Our endpoints use the predefined AWS SSL Security Policies: https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-policy-table.html
We do have more customization available for apps in Private Spaces. You can read the details here: https://devcenter.heroku.com/articles/routing-in-private-spaces#ssl-security
An alternative option would be to use Cloudflare or some similar service that can terminate your SSL (with more customization options) and proxy requests to the Heroku app.