Fortunately, the scope of the Lucky 13 attack appears to be limited to TLS cipher suites that include CBC-mode encryption. Unfortunately, those suites are very common and usually on by default.
In this case, just look for the SSL ciphers that include "CBC" and uncheck them.
If you check Serv-U's "Enable FIPS 140-2 mode" checkbox, the "Advanced SSL Options" panel disappears. Behind the scenes, Serv-U disables all ciphers except SHA ciphers using AES (AES256-SHA and AES128-SHA) and Triple DES (DES-CBC-3SHA). Note that the Triple DES cipher uses CBC. In other words, if you want to retain fine control over your data in motion ciphers, you will need to leave the "Enable FIPS 140-2 mode" box unchecked.