# Enables HTTP Strict Transport Security (HSTS) which instructs browsers to
# always request the resource over HTTPS, preventing a stripping/downgrade
# attack.

map $scheme $hsts_header {
    https   max-age=31536000;
}

add_header Strict-Transport-Security $hsts_header;