Ny reason why TLS 1.1 and 1.2 are disabled on Windows Server 2008 R2

Server 2008 R2/Windows 7 introduced TLS 1.1 and TLS 1.2 support for Windows, and was released prior to the attacks that made TLS 1.0 vulnerable, so it's probably just a matter of TLS 1.0 being the default because it was the most widely used TLS version at the time Server 2008 R2 was released (July, 2009).

Not sure how you'd know for sure, or find out "why" a design decision was made, but given that Windows 7 and Server 2008 R2 introduced the feature to the Windows family, and Windows Server 2012 uses TLS 1.2 by default, it would seem to suggest it was a matter of "the way things were done" at the time. TLS 1.0 was still "good enough," so it was the default, but TLS 1.1 and 1.2 were supported for forward-support and forward-operability.

This technet blog from a Microsoft employee recommends enabling the newer versions of TLS and also notes that (as of October 2011):

Among web servers again, IIS 7.5 is the only which supports TLS 1.1 and TLS 1.2. As of now Apache doesn’t support these protocols as OPENSSL doesn’t include support for them. Hopefully, they’ll catch up to the industries new standards.

That further supports the idea that newer TLS versions weren't enabled by default in Server 2008 R2 for the simple reason that they were newer and not widely supported or used at the time - Apache and OpenSSL didn't even support them yet, let alone use them as default.

Details on precisely how to enable and disable the various SSL/TLS versions can be found in the Microsoft KB article number 245030, titled How to restrict the use of certain cryptographic algorithms and protocols in Schannel.dll. Obviously, the Client keys control Internet Explorer, and the Server keys cover IIS.