Strict Transport Security or HSTS instructs web browsers to only use secure connections for all future requests when communicating with a web site. Doing so helps prevent SSL protocol attacks, SSL stripping, cookie hijacking, and other attempts to circumvent SSL protection.

You can enable HSTS to your site using the following rule within your .htaccess file.
HTML Code:
<IfModule mod_headers.c>
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
</IfModule>
To enable HSTS for your site, you must have a valid SSL certificate already installed and activated. If you do not, and you enable HSTS anyway, visitors will be unable to access your site.
When the web server sends this header, any browser that accesses the site over HTTPS will be unable to access the unsecured HTTP site for the specified length of time.

Therefore, as soon as you enable HSTS, you should not stop using SSL on your site. If you do, returning visitors will be unable to access your site.