Hide an Instance of SQL Server Database Engine
Applies to: SQL Server (all supported versions)
This topic describes how to hide an instance of the Database Engine in SQL Server by using SQL Server Configuration Manager. SQL Server uses the SQL Server Browser service to enumerate instances of the Database Engine installed on the computer. This enables client applications to browse for a server, and helps clients distinguish between multiple instances of the Database Engine on the same computer. You can use the following procedure to prevent the SQL Server Browser service from exposing an instance of the Database Engine to client computers that try to locate the instance by using the Browse button.
Using SQL Server Configuration Manager
To hide an instance of the SQL Server Database Engine
In SQL Server Configuration Manager, expand SQL Server Network Configuration, right-click Protocols for <server instance>, and then select Properties.
On the Flags tab, in the HideInstance box, select Yes, and then click OK to close the dialog box. The change takes effect immediately for new connections.
If you hide a named instance, you will need to provide the port number in the connection string to connect to the hidden instance, even if the browser service is running. We recommend that you use a static port instead of a dynamic port for the named hidden instance.
For more information, see Configure a Server to Listen on a Specific TCP Port (SQL Server Configuration Manager).
If you hide a clustered instance or availability group name, cluster service may not be able to connect to SQL Server. This will cause the cluster instance IsAlive check to fail and SQL Server will go offline.
To avoid this, create an alias in all the nodes of the clustered instance or all instances that host availability group replicas to reflect the static port that you configured for the instance. For example, on an availability group with two replicas, on node-one, create an alias for the node-two instance, like
node-two\instancename. On node-two, create an alias called
node-one\instancename. The aliases are required for succesfull failover.
For more information, see Create or Delete a Server Alias for Use by a Client (SQL Server Configuration Manager).
If you hide a clustered named instance, cluster service may not be able to connect to SQL Server if the LastConnect registry key (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\Client\SNI11.0\LastConnect) has a different port than the port that SQL Server is listening on. If the cluster service is unable to make a connection to the SQL Server, you might see an error similar to the following:
Event ID: 1001: Event Name: Failover clustering resource deadlock.
Submit and view feedback for