server_tokens off;
HSTS is a security feature that ensures connections to your server occur only over HTTPS, thereby mitigating risks associated with protocol downgrade attacks and improving overall security by enforcing secure connections.
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";