What with the Version 86 moving into the EDGE Tier, ftpd (the FTP service) is disabled by cPanel by default. This is due to the fact that FTP, by design, was not built to be secure. Since FTP relies on unenforced encryption and clear-text usernames and password, any data sent via FTP is vulnerable to various methods of attacks.
As a result, in the new installations of cPanel & WHM, ftpd will be disabled by default. This starts with Version 86 and all end-users utilizing Version 86 will not possess the ability to transfer data on their servers using the process of FTP.
Benefits of Disabling FTP
Any data transferred via ftp is vulnerable to spoofing, brute force attacks, and sniffing. Hence removal of FTP provides a more secure default cPanel & WHM setup. This also allows for further server customization.
What should be done?
You can use many other safer alternatives to transferring data across your servers. This includes SFTP and the Web Disk feature. Should you feel the need to continue using FTP on your server, you can re-enable via WHM’s “FTP Server Selection” tool or you may run the following script:
“./scripts/setupftpserver”
and then choose your FTP server of choice. Please note, FTP can be disabled again using any of those two methods.
System administrators should consider disabling the FTP service in existing installations if customers do not require it. It should be noted that this will not impact customers who run cPanel & WHM Version 84 and older. 86 is the new LTS version, hence in order to receive on-going support an upgrade is to be required.
