diff --git a/roles/httpd/reverseproxy/templates/reversepassproxy.bodhi.conf b/roles/httpd/reverseproxy/templates/reversepassproxy.bodhi.conf
index bbb254330d..4cfa0a35d5 100644
--- a/roles/httpd/reverseproxy/templates/reversepassproxy.bodhi.conf
+++ b/roles/httpd/reverseproxy/templates/reversepassproxy.bodhi.conf
@@ -4,3 +4,5 @@ Header unset Set-Cookie
 
 ProxyPass {{localpath}} {{proxyurl}}{{remotepath}}
 ProxyPassReverse {{localpath}} {{proxyurl}}{{remotepath}}
+
+Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
diff --git a/roles/httpd/reverseproxy/templates/reversepassproxy.elections.conf b/roles/httpd/reverseproxy/templates/reversepassproxy.elections.conf
index b1c1a3a2d5..d9c3efc5e7 100644
--- a/roles/httpd/reverseproxy/templates/reversepassproxy.elections.conf
+++ b/roles/httpd/reverseproxy/templates/reversepassproxy.elections.conf
@@ -8,3 +8,5 @@ Header unset Set-Cookie
 
 ProxyPass {{localpath}} {{proxyurl}}{{remotepath}}
 ProxyPassReverse {{localpath}} {{proxyurl}}{{remotepath}}
+
+Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
diff --git a/roles/httpd/reverseproxy/templates/reversepassproxy.fas.conf b/roles/httpd/reverseproxy/templates/reversepassproxy.fas.conf
index beb69201b5..7048e74879 100644
--- a/roles/httpd/reverseproxy/templates/reversepassproxy.fas.conf
+++ b/roles/httpd/reverseproxy/templates/reversepassproxy.fas.conf
@@ -10,3 +10,5 @@ ProxyPassReverse /accounts/user/dogencert http://fas1/
 
 ProxyPass {{localpath}} {{proxyurl}}{{remotepath}}
 ProxyPassReverse {{localpath}} {{proxyurl}}{{remotepath}}
+
+Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
diff --git a/roles/httpd/reverseproxy/templates/reversepassproxy.pkgdb.conf b/roles/httpd/reverseproxy/templates/reversepassproxy.pkgdb.conf
index c1cf163030..b89e28384d 100644
--- a/roles/httpd/reverseproxy/templates/reversepassproxy.pkgdb.conf
+++ b/roles/httpd/reverseproxy/templates/reversepassproxy.pkgdb.conf
@@ -37,3 +37,5 @@ Header unset Set-Cookie
 
 ProxyPass {{localpath}} {{proxyurl}}{{remotepath}}
 ProxyPassReverse {{localpath}} {{proxyurl}}{{remotepath}}
+
+Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"