Remediation Steps

Follow the steps below to remediate this finding on Nginx webserver.

1. In your nginx.conf server block (HTTPS only), add:

   add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

2. Reload Nginx:

   sudo systemctl reload nginx