I have a client, who wants a website on wordpress. I agreed to do that, but he demand to do it on his own ftp. I would like to protect myself in case he doesn't want to pay and change ftp password.
I thought that the good idea is to call the php function from another domain (my domain), so if he doesn't pay i will change the code from my domain and his website will crash.
Is it good, secure idea to protect myself?
No that's not a good idea,
If the code on his server makes a call to check whether it should work or not, it's not that hard to get that check removed. If you don't trust your client make a contract with him and sign it both. Also you could start by developing the website on your own domain and then when he's satisfied and payed move it over to his.
But as long as he has the code, there's little you can do to prevent that code from working on your command.