For some reason webftp_simple is not excluded from Mod_Security and it's generate a lot of warnings and bans for my friends. I have to exclude it from mod_sec settings:
# cat /usr/local/apache/modsecurity-cwaf/custom_user.conf
# Put your custom ModSecurity directives here
# Please don't remove this file
<LocationMatch /webftp_simple/>
<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>
</LocationMatch>
CWP team will be really good idea to completely disable mod sec for webftp_simple by default or add it to panel server (to be accessible on CWP ports 2030/2031) instead of to users Apache. Also roundcube and phpmyadmin is installed in users apache