Maybe you could send HSTS headers too? They're easy to configure, check out the #
Wikipedia
entry on how to implement it
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#Implementation