diff --git a/src/webserver.js b/src/webserver.js
index 77f0d4b474..ebf0828bde 100644
--- a/src/webserver.js
+++ b/src/webserver.js
@@ -164,9 +164,7 @@ function setupExpressApp(app) {
 		saveUninitialized: nconf.get('sessionSaveUninitialized') || false,
 	}));
 
-	app.use(helmet({
-		hsts: !!meta.config['hsts-enabled'],
-	}));
+	app.use(helmet());
 	app.use(helmet.referrerPolicy({ policy: 'strict-origin-when-cross-origin' }));
 	if (meta.config['hsts-enabled']) {
 		app.use(helmet.hsts({