Strict-Transport-Security Header is Missing
The HTTP Strict-Transport-Security response header (often abbreviated as HSTS) lets a web site tell browsers that it should only be accessed using HTTPS, instead of using HTTP. Mozilla
Configure your server to send this header for all pages. You can see references for possible values.