diff --git a/server/src/index.ts b/server/src/index.ts
index 7b1b09a4..74af7042 100644
--- a/server/src/index.ts
+++ b/server/src/index.ts
@@ -63,6 +63,7 @@ app.use(helmet({
     }
   },
   crossOriginEmbedderPolicy: false,
+  hsts: process.env.FORCE_HTTPS === 'true' ? { maxAge: 31536000, includeSubDomains: false } : false,
 }));
 // Redirect HTTP to HTTPS (opt-in via FORCE_HTTPS=true)
 if (process.env.FORCE_HTTPS === 'true') {