We have a vulnerability scan on our site that have Cloudflare protect but we found some weak vulnerability from Zap VA scan.
Zap VA scan found
1.Timestamp Disclosure - Unix
A timestamp was disclosed by the application/web server - Unix
2.Information Disclosure - Suspicious Comments
The response appears to contain suspicious comments
How to hide them in Cloudflare setting