Force ASP.NET HTTPS
Use the NWebSec.Owin NuGet package and add the following line of code to enable
Strict Transport Security accross the site. Dont forget to add the Preload
directive below and submit your site to the HSTS Preload site.
More information here and here. Note that if you are not using OWIN, there is a Web.config method you can read up on on the NWebSec site.
// app is your OWIN IAppBuilder app in Startup.cs
app.UseHsts(options => options.MaxAge(days: 30).Preload());
Disturbed Dormouse