diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3f99d8258..8f1baf2d0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,11 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
+## [v4.6.3](https://github.com/userfrosting/UserFrosting/compare/v4.6.2...v4.6.3)
+
+### Security
+- Added placeholder URL for `site.uri.public` in configuration to guard against Host Header Injection attacks by default in production.
+
 ## [v4.6.2]
 ### Changes
diff --git a/app/sprinkles/core/config/production.php b/app/sprinkles/core/config/production.php
index 6c57a6757..8272211e2 100644
--- a/app/sprinkles/core/config/production.php
+++ b/app/sprinkles/core/config/production.php
@@ -52,6 +52,9 @@
 'ajax' => false,
 'info' => false,
 ],
+ 'uri' => [
+ 'public' => 'https://example.com',
+ ],
 ],
 /*
 * Send errors to log
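Review bot: The added `'uri' => ['public' => 'https://example.com']` entry in production.php carries no comment telling operators that it is a placeholder they must override for each deployment. Left as shipped, any absolute URL built from `site.uri.public` (presumably links in account e-mails, though that code is not in this diff) would point at example.com, which fails safe against a spoofed Host header but breaks the site silently. I would add a comment above the key such as `// Placeholder: set this to the site's real public URL. Do not remove it; without a fixed value the URL may be derived from the request's Host header.` A deploy-time check that reports when the value is still the placeholder would surface the misconfiguration early. The enclosing config array starts and ends outside the hunk.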