diff --git a/server/middleware/header.go b/server/middleware/header.go
index dbb60873d..14f00da57 100644
--- a/server/middleware/header.go
+++ b/server/middleware/header.go
@@ -22,6 +22,9 @@ func SetHeaders(c *web.C, h http.Handler) http.Handler {
 		w.Header().Add("Cache-Control", "value")
 		w.Header().Set("Last-Modified", time.Now().UTC().Format(http.TimeFormat))
 		w.Header().Set("Expires", "Thu, 01 Jan 1970 00:00:00 GMT")
+		if r.TLS != nil {
+			w.Header().Add("Strict-Transport-Security", "max-age=31536000")
+		}
 		h.ServeHTTP(w, r)
 	}
 	return http.HandlerFunc(fn)