diff --git a/src/HostingExtensions.cs b/src/HostingExtensions.cs
index 5a19718..2be8e41 100644
--- a/src/HostingExtensions.cs
+++ b/src/HostingExtensions.cs
@@ -3,6 +3,7 @@
 using Duende.IdentityServer.Validation;
 using IdentityServerHost;
 using Microsoft.AspNetCore.HttpOverrides;
+using Microsoft.AspNetCore.HttpsPolicy;
 using Serilog;
 
 namespace Duende.IdentityServer.Demo;
@@ -20,6 +21,12 @@ public static WebApplication ConfigureServices(this WebApplicationBuilder builde
             options.KnownProxies.Clear();
         });
 
+        builder.Services.Configure<HstsOptions>(options =>
+        {
+            options.MaxAge = TimeSpan.FromDays(30);
+            options.IncludeSubDomains = true;
+        });
+
         // cookie policy to deal with temporary browser incompatibilities
         builder.Services.AddSameSiteCookiePolicy();
 
@@ -88,6 +95,11 @@ public static WebApplication ConfigureServices(this WebApplicationBuilder builde
 
     public static WebApplication ConfigurePipeline(this WebApplication app)
     {
+        if (!app.Environment.IsDevelopment())
+        {
+            app.UseHsts();
+        }
+        
         app.UseSerilogRequestLogging();
 
         app.UseCookiePolicy();