Before you start solving the problem, you need to check whether this problem exists at all... Well, Of course, after optimizing the site, you need to check that all the settings are working correctly.
This guide will help you check if the HSTS header is configured correctly for your site.

How to check

Picture

There is an excellent resource for checking server response headers - Yandex Webmaster
We have already told you how to use it more than once, so let’s get straight to the point.

Insert a link to the site and check.

The HTTP status code should be “200 OK” and among the other headers there should be a line like this

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

The max-age parameter can be greater than 31536000 seconds, but cannot be less.
If you have This header contains all the specified parameters, which means everything is in order.

We also recommend adding your site to the Preload List, read about this on the page "How to customize the HSTS header".

Useful articles

HTTP Strict-Transport-Security - response header

This article describes Strict-Transport-Security in great detail, provides useful examples and how best to use it. You can also find out how the browser behaves with an HTTPS connection and returning the Strict-Transport-Security header