For Linux:
- Login to Plesk
-
Go to Plesk > Domains > example.com > Hosting Settings > enable Permanent SEO-safe 301 redirect from HTTP to HTTPS
-
Go to Domains > example.com > Apache & nginx Settings and add the following custom value in Additional headers section:
Strict-Transport-Security: max-age=63072000; preload
Note: Strict-Transport-Security parameters are shown as an example only, the custom directive may vary depending on the site owner needs.
For Windows:
- Enable Require SSL for domain and all subdomains in Plesk > Domains > example.com > IIS Settings ;
- Connect to the server via RDP ;
- Go to IIS > ServerName > Sites > example.com > HTTP Response Headers > Add ...
- Submit fields as follows:
Name: Strict-Transport-Security
Value: max-age=31536000; includeSubDomains; preload