diff --git a/cdap-common/src/main/resources/cdap-default.xml b/cdap-common/src/main/resources/cdap-default.xml
index 07bfa9fbe2d2..e21275379e63 100644
--- a/cdap-common/src/main/resources/cdap-default.xml
+++ b/cdap-common/src/main/resources/cdap-default.xml
@@ -6020,4 +6020,36 @@
     </description>
   </property>
 
+  <property>
+    <name>hsts.enabled</name>
+    <value>false</value>
+    <description>
+      Whether to enable HSTS settings on UI node server.
+    </description>
+  </property>
+
+  <property>
+    <name>hsts.max.age</name>
+    <value>31536000</value>
+    <description>
+      The number of seconds browsers should remember to prefer HTTPS.
+    </description>
+  </property>
+
+  <property>
+    <name>hsts.include.sub.domains</name>
+    <value>true</value>
+    <description>
+      Whether to include the includeSubDomains directive, which makes this policy extend to subdomains.
+    </description>
+  </property>
+
+  <property>
+    <name>hsts.preload</name>
+    <value>true</value>
+    <description>
+      Adds the preload directive, expressing intent to add your HSTS policy to browsers.
+    </description>
+  </property>
+
 </configuration>