diff --git a/lib/middleware/helmet.js b/lib/middleware/helmet.js
index 3107e6b0fc..5b54f4d34e 100644
--- a/lib/middleware/helmet.js
+++ b/lib/middleware/helmet.js
@@ -3,6 +3,11 @@ const helmet = require('helmet');
 module.exports = function(config) {
     if (config.enableHelmet) {
         return helmet({
+            hsts: {
+                maxAge: 63072000,
+                includeSubDomains: true,
+                preload: true,
+            },
             contentSecurityPolicy: {
                 directives: {
                     defaultSrc: [