How to enable Strict-Transport-Security (HSTS) for domain in case of apache and nginx are enabled?
1. Enable Permanent SEO-safe 301 redirect from HTTP to HTTPS in Plesk > Domains > example.com >Hosting Settings.
2. Go to Plesk > Domains > example.com > Apache & nginx Settings and insert the following Additional nginx directive:
CONFIG_TEXT: add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
HSTS option in Plesk GUI is yet to be implemented in Plesk. You may want to suggest new functionality in Plesk on Plesk User Voice portal: