diff --git a/dubbo-serialization/dubbo-serialization-hessian2/src/main/java/org/apache/dubbo/common/serialize/hessian2/Hessian2SerializerFactory.java b/dubbo-serialization/dubbo-serialization-hessian2/src/main/java/org/apache/dubbo/common/serialize/hessian2/Hessian2SerializerFactory.java
index f907e164445d..768c8af288a6 100644
--- a/dubbo-serialization/dubbo-serialization-hessian2/src/main/java/org/apache/dubbo/common/serialize/hessian2/Hessian2SerializerFactory.java
+++ b/dubbo-serialization/dubbo-serialization-hessian2/src/main/java/org/apache/dubbo/common/serialize/hessian2/Hessian2SerializerFactory.java
@@ -22,6 +22,7 @@
 import java.io.Serializable;
 import com.alibaba.com.caucho.hessian.io.Deserializer;
+import com.alibaba.com.caucho.hessian.io.HessianProtocolException;
 import com.alibaba.com.caucho.hessian.io.InputStreamDeserializer;
 import com.alibaba.com.caucho.hessian.io.JavaDeserializer;
 import com.alibaba.com.caucho.hessian.io.JavaSerializer;
@@ -65,6 +66,18 @@ protected Serializer getDefaultSerializer(Class cl) {
 } else return JavaSerializer.create(cl);
 }
+ @Override
+ public Serializer getSerializer(Class cl) throws HessianProtocolException {
+ try {
+ // 1. Force the security guard pre-check to run first
+ defaultSerializeClassChecker.loadClass(getClassLoader(), cl.getName());
+ } catch (ClassNotFoundException e) {
+ // ignore
+ }
+ checkSerializable(cl);
+ return super.getSerializer(cl);
+ }
+
 @Override
 protected Deserializer getDefaultDeserializer(Class cl) {
 if (InputStream.class.equals(cl)) {
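Review bot: The empty `catch (ClassNotFoundException e)` in the new `getSerializer` makes the pre-check fail open: if `defaultSerializeClassChecker.loadClass` raises that exception for a name it cannot resolve (its body is not in this diff, so this is inferred), the call falls through to `checkSerializable(cl)` and `super.getSerializer(cl)` with no recorded allow/block decision. Replace `// ignore` with a comment that states why skipping is safe, e.g. `// cl is already loaded; only the name lookup failed, the list check ran before it`, once that has been confirmed against the checker, or rethrow as `HessianProtocolException` if it has not. The comment `// 1. Force the security guard pre-check to run first` has no matching step 2, so the numbering should go. The check also runs on every call ahead of whatever lookup `super.getSerializer` does, so a test covering both a blocked class and a repeated call for an allowed one would pin the intended behaviour.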