You have not defined which url's are safe for your application.
Go to /sites/default/settings.php
file and add these lines:
$settings['trusted_host_patterns'] = array(
'^example\.com$',
'^www\.example\.com$',
);
// change example.com to your domain
The error explained
The error message "The provided host name is not valid for this server" is caused by Drupal's trusted host patterns feature, which was added in Drupal 8 to protect against HTTP Host header attacks.
Essentially, it was possible to spoof the HTTP Host header for nefarious purposes and trick Drupal into using a different domain name in several subsystems, particularly link generation.
As a result, Drupal requires a list of "trusted" hostnames that the site can run from. This is where the $settings['trusted_host_patterns'] setting comes in. It is an array of regular expression patterns that represent the hostnames you would like to allow to run from.
If you encounter this error message, the first step is to check whether the $settings['trusted_host_patterns'] setting is configured correctly. Here's an example of how to configure the trusted host patterns setting if your site is running from a single hostname "www.example.com":
$settings['trusted_host_patterns'] = array(
'^www\.example\.com$',
);
If your site is running from "example.com", then you should use:
$settings['trusted_host_patterns'] = array(
'^example\.com$',
);
If you're running a site with multiple domains and/or subdomains, and you're not doing canonical URL redirection, then your setting would look something like this:
$settings['trusted_host_patterns'] = array(
'^example\.com$',
'^.+\.example\.com$',
'^example\.org',
'^.+\.example\.org',
);
Once you adjust $settings['trusted_host_patterns'] to the proper value, you should be able to browse to your site again. You can also check on the status of your trusted host settings from the status report page, which is at admin/reports/status.
If you remove the setting altogether, the trusted host mechanism will not be used, and you will see an error on the status report page. In addition, your site may also be vulnerable to HTTP Host header attacks. If you have this setting configured and are still seeing the "109" error message, then it probably means you have messed up the regular expression syntax. In this case, take the first example and copy/paste it into your settings, then edit it to reflect the hostname your site runs from.