v202109-1 (565) includes a security fix
Mitigated a potential Host header injection vulnerability.
With this fix, TFE will reject any request with
Host header does not match the TFE configured
hostname. All mismatched requests are responded with
HTTP 301, with the
Location header equals to TFE configured
Existing requests to TFE via proxy may stop working, e.g. VCS webhook, TFE API calls in automation scripts with status:
HTTP/1.1 301 Moved Permanently Location: <tfe_hostname>
Modify requests to TFE API to include header
If the issue persists after above solution, please reach out to HashiCorp support for additional assistance.