diff --git a/src/Server.php b/src/Server.php
index ca80bf18..3a1d8b83 100644
--- a/src/Server.php
+++ b/src/Server.php
@@ -660,11 +660,12 @@ protected function _setRequest($request)
             } else {
                 $xml = $request;
             }
-
+            libxml_disable_entity_loader(true);
             $dom = new DOMDocument();
             if(strlen($xml) == 0 || !$dom->loadXML($xml)) {
                 throw new Exception\InvalidArgumentException('Invalid XML');
             }
+            libxml_disable_entity_loader(false);
         }
         $this->request = $xml;
         return $this;
diff --git a/src/Wsdl.php b/src/Wsdl.php
index b2f853a5..b0127e22 100644
--- a/src/Wsdl.php
+++ b/src/Wsdl.php
@@ -89,13 +89,14 @@ public function __construct($name, $uri, ComplexTypeStrategy $strategy = null, a
                     xmlns:xsd='http://www.w3.org/2001/XMLSchema'
                     xmlns:soap-enc='http://schemas.xmlsoap.org/soap/encoding/'
                     xmlns:wsdl='http://schemas.xmlsoap.org/wsdl/'></definitions>";
+        libxml_disable_entity_loader(true);
         $this->dom = new DOMDocument();
         if (!$this->dom->loadXML($wsdl)) {
             throw new Exception\RuntimeException('Unable to create DomDocument');
         } else {
             $this->wsdl = $this->dom->documentElement;
         }
-
+        libxml_disable_entity_loader(false);
         $this->setComplexTypeStrategy($strategy ?: new Wsdl\ComplexTypeStrategy\DefaultComplexType);
     }
 
@@ -135,8 +136,10 @@ public function setUri($uri)
             // @todo: This is the worst hack ever, but its needed due to design and non BC issues of WSDL generation
             $xml = $this->dom->saveXML();
             $xml = str_replace($oldUri, $uri, $xml);
+            libxml_disable_entity_loader(true);
             $this->dom = new DOMDocument();
             $this->dom->loadXML($xml);
+            libxml_disable_entity_loader(false);
         }
 
         return $this;