Enable HSTS. Optionally add includeSubdomains to include all subdomains of the current site.
add_header Strict-Transport-Security "max-age=15552000; includeSubdomains;";
Explicitly disable HSTS. This is usually needed when using SSL with a self-signed cert: while HSTS is in effect, the browser won't allow access to the site.
add_header Strict-Transport-Security "max-age=0;";
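
An added example, not from the original page: a Python check that parses the two header values above following RFC 6797 and reports what each one tells the browser. The function names `parse_hsts` and `describe` are hypothetical, and the sample values are copied from the two `add_header` lines.

```python
import re

# Sample values: the two header values from the nginx lines above.
ENABLE = "max-age=15552000; includeSubdomains;"
DISABLE = "max-age=0;"

def parse_hsts(value):
    """Parse a Strict-Transport-Security value following RFC 6797 section 6.1.

    Returns a dict with max_age (int seconds), include_subdomains (bool) and
    enabled (bool), or raises ValueError for a value a browser would ignore.
    """
    seen = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:                      # empty directive, e.g. trailing ";"
            continue
        name, _, arg = part.partition("=")
        name = name.strip().lower()       # directive names are case-insensitive
        arg = arg.strip()
        if len(arg) >= 2 and arg[0] == arg[-1] == '"':
            arg = arg[1:-1]               # quoted-string form is allowed
        if name in seen:
            raise ValueError(f"duplicate directive: {name}")
        seen[name] = arg
    if "max-age" not in seen:
        raise ValueError("max-age is required")
    if not re.fullmatch(r"[0-9]+", seen["max-age"]):
        raise ValueError("max-age must be a non-negative integer")
    max_age = int(seen["max-age"])
    return {
        "max_age": max_age,
        "include_subdomains": "includesubdomains" in seen,
        # max-age=0 tells the browser to stop treating the host as HSTS
        "enabled": max_age > 0,
    }

def describe(value):
    p = parse_hsts(value)
    if not p["enabled"]:
        return "HSTS disabled (browser forgets the policy)"
    scope = "host and subdomains" if p["include_subdomains"] else "host only"
    return f"HSTS enabled for {p['max_age'] // 86400} days, {scope}"

if __name__ == "__main__":
    for v in (ENABLE, DISABLE):
        print(f"{v!r}: {describe(v)}")
```
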