How to implement HTTP Strict Transport Security (HSTS) on AWS Elastic Load Balancer?

Question

I would like to implement HSTS to my application.

I have an ELB terminating SSL and forwarding the traffic to my application, which is an apache server used as reverse p

Answer 1

Please note that since this is not supported for Apache < 2.4, it's best to encapsulate it in = 2.4>, like so:

    = 2.4> 
        
            
                Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"