HTTPS best practices
The National Cyber Security Centre of the Netherlands releases best practices for securing HTTPS. HTTPS is an important measure for protecting web traffic containing sensitive data. This is becoming increasingly common with modern websites. At the same time, securely configuring HTTPS takes precision. HSTS, forward secrecy and certificates based on SHA-2 are measures that improve the security of web traffic.
HTTP Strict Transport Security (HSTS) is a technique used to instruct a browser to visit a website only via HTTPS. The web server sends an extra header that gives the browser this instruction. For a set period, on each subsequent visit to this website, the browser will directly ask for the HTTPS version of the website.
Read the paper here - https://www.ncsc.nl/binaries/content/documents/ncsc-en/services/expertise-advice/knowledge-sharing/factsheets/factsheet-https-could-be-a-lot-more-secure/1/Factsheet%2BHTTPS%2Bcould%2Bbe%2Ba%2Blot%2Bmore%2Bsecure.pdf