"To enable HSTS on your domain name, place or edit your .htaccess file via the file manager. This file is located in the /public_html/ directory.
Add the following line to the top of the file if you are only using HSTS on the domain name:
Header set Strict-Transport-Security "max-age=31536000" env=HTTPS
Add the following line to the top of the file if you are also using HSTS on subdomains:
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" env=HTTPS
