Puntocom
Well-known member
Not Using Strict-Transport-Security
This website is not using HSTS, also known as Strict Transport Security. HSTS is a special HTTP response header, sent by the web server on content served over SSL, which tells the browser to always use SSL when talking to this website. HSTS not only adds security, but improves performance since your visitors will always exclusively use the SSL version of your website, allowing them to also use SPDY.
By supporting this, you would get A+ instead of A at www.ssllabs.com.
It can be solved by adding this to nginx.conf:
Code:
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";