diff --git a/ssl/hsts.conf b/ssl/hsts.conf
new file mode 100644
index 0000000..f6ea9a5
--- /dev/null
+++ b/ssl/hsts.conf
@@ -0,0 +1,7 @@
+set $hsts_header_value "";
+
+if ($scheme = "https") {
+	set $hsts_header_value "max-age=31536000; includeSubDomains; preload";
+}
+
+add_header	Strict-Transport-Security $hsts_header_value;
\ No newline at end of file