As of the release of cPanel & WHM version 86, new installations will have FTP disabled by default.
Data transmitted using FTP is vulnerable to brute force attacks, spoofing, and sniffing. Removing the protocol from the product provides a more secure default cPanel & WHM setup and allows further server customization.
What can you do?
FTP can also be disabled again using those two methods.
We recommend system administrators should consider disabling the FTP service in their existing installations if their customers do not require it.