
HSTS

Header that forces browsers to use HTTPS for your site.

Web security

What is HSTS?

HSTS (HTTP Strict Transport Security) is a response header that tells browsers to only ever connect to your site over HTTPS, even if a user types http:// or clicks an old link. It closes the small window where a first plaintext request could be hijacked and downgraded. Sites can also join the browser preload list so the rule is baked in before the first visit.
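As an added example (not part of the original page), the sketch below parses a `Strict-Transport-Security` value the way RFC 6797 describes and reports whether a browser would enforce it and whether it is ready for the preload list. The function names, the sample header values and the preload thresholds (taken from the hstspreload.org submission requirements) are assumptions of this example.

```python
import re

# Assumption: preload-list minimum per hstspreload.org (one year, in seconds).
PRELOAD_MIN_AGE = 31536000

def parse_hsts(value):
    """Parse a Strict-Transport-Security value (RFC 6797, section 6.1).

    Returns a dict of lower-cased directives, or None when the header is
    malformed, in which case browsers ignore it entirely."""
    directives = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue  # empty directives between semicolons are permitted
        name, _, arg = part.partition("=")
        name, arg = name.strip().lower(), arg.strip()
        if len(arg) >= 2 and arg[0] == arg[-1] == '"':
            arg = arg[1:-1]  # the value may be a quoted-string
        if name in directives:
            return None  # each directive may appear only once
        directives[name] = arg
    age = directives.get("max-age")
    if age is None or not re.fullmatch(r"[0-9]+", age):
        return None  # max-age is mandatory and must be a non-negative integer
    directives["max-age"] = int(age)
    return directives

def assess(value, scheme="https"):
    """Summarise what a browser does with this header value."""
    d = parse_hsts(value) if scheme == "https" else None  # ignored over plain HTTP
    if d is None:
        return {"enforced": False, "subdomains": False, "preload_ready": False}
    subdomains = "includesubdomains" in d
    return {
        "enforced": d["max-age"] > 0,  # max-age=0 deletes the stored policy
        "subdomains": subdomains,
        "preload_ready": subdomains and "preload" in d
                         and d["max-age"] >= PRELOAD_MIN_AGE,
    }

if __name__ == "__main__":
    # Constructed sample header values.
    for sample in ("max-age=63072000; includeSubDomains; preload",
                   "max-age=300", "max-age=0", "includeSubDomains"):
        print(f"{sample!r:50} {assess(sample)}")
```

A header delivered over `http://` is reported as not enforced because browsers only honor HSTS received on a secure connection, which is why the first plaintext request stays exposed unless the site is preloaded.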

See also