This error occurs when the host in your /elgg-config/settings.php is different from the host in PHP.

This is done to help prevent malicious link generation.

https://github.com/Elgg/Elgg/blob/b7b6827e6aa3374670414bb9838d4d39e9a9fd4a/engine/classes/Elgg/Http/Request.php#L466-L478

@Jerome Bakker, thanks for the detailed insight.

I found the solution to it by properly defining the SSL/https rewrite request in .htaccess as bellow:

#First redirect all Http request to https
#Ensure that we exclude any sub-domains

RewriteCond %{HTTP_HOST} ^(www\.)?myhotfb.com$ [NC]
RewriteCond %{HTTPS} off
RewriteRule ^ https://www.myhotfb.com%{REQUEST_URI} [NC,L,R]

#Secondly redirect all non-www to www

RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [NC,L,R]

I use Godaddy.com linux hosting. To get around invalid host error when vistor use www.mycoolsite.com, I just strip out the www. in front of the user link and it solved error.  

  # If you must add RewriteRules to change hostname, add them directly below (above all the others)

    # ## strip www from vistor's url by Robert Cooper for Elgg6 ######
    
    RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
    RewriteRule ^(.*)$ http://%1%{REQUEST_URI} [R=301,QSA,NC,L]

    # ## end strip www code   ################################