Apache's mod_userdir allows users to view their sites by entering a tilde(~) and their username as the uri on a specific host. For example http://test.cpanel.net/~fred/ will bring up the user fred's domain. The disadvantage of this feature is that any bandwidth usage used by this site will be put on the domain it is accessed under (in this case test.cpanel.net). mod_userdir protection prevents this from happening. You may however want to disable it on specific virtual hosts (generally shared ssl hosts.)
First you'll need to login to WHM for your server, https://serversip/whm (serversip being the ip address of your dedicated server or vps).
Once you are logged into WHM, you will want to browse over to the following path:
Main >> Security Center >> Apache mod_userdir Tweak
From there, you can select which accounts you want to enable for mod_userdir