So, in light of the recent Heartbleed attacks, I've been encouraged into looking int getting all our internet-facing websites more secure. I've been running tools at Qualys SSL Labs - Projects / SSL Server Test to test, and our WHD server is currently getting a rating of C, largely limited by the fact that we only have SSL 3 and TLS 1.0 enabled in the protocols for SSL.
So I did some digging around on our CentOS box that runs WHD, and found the server.xml in /usr/local/webhelpdesk/bin/tomcat/conf/. We modified the file to have TLS 1.0 to TLS 1.2 and also SSL v3. I did a restart on WHD, and the changes disappeared. It appears that on restart WHD is overwriting the server.xml file, which is frustrating.
Does anyone know how we can enable TLS 1.1 and TLS 1.2 for this server?