SharePoint 2010 Loopback Checking

SharePoint 2010 Loopback Checking

By Terry Engelstad
AIS Network Operations Manager

There is a security feature in Windows 2008 called Loopback Checking. It’s a security feature in IIS, which is a way of stopping some denial of service (DoS) attacks.

Since SharePoint 2010 runs locally on the server, and accesses its own databases by way of Communication Foundation service calls through IIS, technically, SharePoint is performing what could be construed as a self-denial-of-service-attack. There is a registry hack to turn off the feature.

This feature is only an issue on servers which are domain controllers and running SharePoint and SQL Server at the same time. Loopback Checking is not a problem on servers which are not domain controllers, nor in multi-server farm scenarios where SQL Server is not running on the same server as IIS.

For more information about SharePoint 2010 loopback checking and disabling the loopback check, see Microsoft Support Article 896861.

Leave a Comment