diff --git a/config/environments/production.rb b/config/environments/production.rb
index 5ea9ea9bacf..49d2984f318 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -46,6 +46,7 @@ Rails.application.configure do
 
   config.force_ssl = true
   config.ssl_options = {
+    hsts: { preload: ENV['HSTS_PRELOAD'] == 'true' },
     redirect: {
       exclude: -> request { request.path.start_with?('/health') || request.headers["Host"].end_with?('.onion') || request.headers["Host"].end_with?('.i2p') }
     }