# /etc/apache2/conf-available/hsts.conf Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"