diff --git a/README.md b/README.md
index 84467f0..c4945f9 100644
--- a/README.md
+++ b/README.md
@@ -89,7 +89,16 @@ RewriteRule ^ %1%3%{REQUEST_URI} [R=301,L]
 
 ### Force HTTPS
 ``` apacheconf
-Header always set Strict-Transport-Security "max-age=604800; includeSubDomains"
+RewriteEngine on
+RewriteCond %{HTTPS} !on
+RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
+
+# Note: It's also recommended to enable HTTP Strict Transport Security (HSTS) 
+# on your HTTPS website to help prevent man-in-the-middle attacks.
+# See https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
+<IfModule mod_headers.c>
+    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
+</IfModule>
 ```
 
 ### Force HTTPS Behind a Proxy