# Enable HSTS header
# Only add this to server blocks with TLS

proxy_hide_header Strict-Transport-Security;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;