As of the release of cPanel & WHM version 86, new installations will have FTP disabled by default.
Data transmitted using FTP is vulnerable to brute force attacks, spoofing, and sniffing. Removing the protocol from the product provides a more secure default cPanel & WHM setup and allows further server customization.
There are several safer alternatives to transferring data to and from your servers, including SFTP and the Web Disk feature.
What can you do?
If you find the need to continue to use FTP on your server, you can either re-enable via WHM’s “FTP Server Selection” tool or by running the following script to select either Pure-FTPd or ProFTPD:
FTP can also be disabled again using those two methods.
We recommend system administrators should consider disabling the FTP service in their existing installations if their customers do not require it.