HSTS is a mechanism for forced transition from HTTP to HTTPS. This policy instructs the browser to force all domain addresses from HTTP to HTTPS using the header
Strict-Transport-Security, described in the standard RFC 6797... It is important to take into account that the HSTS policy is cached for a specified period and at this time it will not be possible to return to the HTTP protocol, except for manually clearing the browser security policies.
max-age... Set the parameter to 900 to check the site is working and if everything is in order, you can change it to a higher one.
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" env=HTTPS
max-age- the period of caching the policy in browsers.
includeSubDomains- apply the policy to all subdomains.
preload- a parameter that guarantees the inclusion of a policy for the domain in supported browsers. Enables changing the HTTP protocol to HTTPS before loading the site.
After adding the title, check the site for the correct work of the title in hstspreload.org, in the same place you can add the site to the list of preloaded HSTS browsers.