In IIS, we can add a new header for our site, though, we can also set the response header at the server or folder level if necessary.
- Open IIS Manager and select the site
- Double-click on the HTTP Response Headers
- Click Add…
- Set the name to: Strict-Transport-Security
- Set the value to: max-age=10886400 then click OK
