1 2 3
include http_security_headers.conf; # Enfore HTTP (HTST) security header add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" always;