Apache HSTS
When a user visits your website, the above header will load first and the expiration time is 2 years (63072000 in seconds).
1# Optionally load the headers module:
2LoadModule headers_module modules/mod_headers.so
3<VirtualHost 67.89.123.45:443>
4Header always set Strict-Transport-Security “max-age=63072000; includeSubdomains;”
5</VirtualHost>
6...
7...
8...
9<VirtualHost *:80>
10[…]
11ServerName example.com
12Redirect permanent / https://example.com/
13</VirtualHost>
More details in https://medium.com/@sslsecurity/how-to-enable-hsts-on-apache-nginx-and-lighttpd-8b0c64155911