Install applications from unknown sources (sideloading) on Xiaomi, Redmi or smartphones POCO It can pose a serious security risk, even if you knowingly turned on this option to install it. APK-files outside of Google Play, it is recommended to return the settings to factory settings to minimize the risk of virus infection or data leakage. In this article, we will discuss how to completely disable downloads from unknown sources on shell devices. MIUI — from the old versions to the last MIUI 14/15.
It is important to understand that blocking unknown sources works on two levels: global (for all applications) and individual (permissions for specific programs, such as browsers or file managers). APK-If you've previously allowed external installations to save traffic or access pirated content, now is the time to rethink these settings.
This article is relevant for all modern Xiaomi devices, including the Redmi Note 12/13, POCO X5/F5, Xiaomi 13/14 and older Android 10–14 gadgets. Instructions are adapted to the latest versions of MIUI, but we will also point out the differences for outdated firmware.
Why do I need to shut down the installation from unknown sources?
The main danger of unknown sources is the risk of installing malware that can:
- 🔍 Stealing personal data: passwords, bank details, correspondence from messengers.
- 📱 Show hidden ads or redirect to phishing sites.
- 🔋 Discharge the battery and load the processor with background tasks.
- 🚫 Block access to system functions (redemption for unlocking).
Even if you download APKs from a “trusted” site, there is no guarantee that the file has not been modified. For example, popular apps like WhatsApp or Telegram are often replaced by scammers with fake versions with embedded spyware. In 2023, Kaspersky’s lab recorded a 37 percent increase in such attacks among Android users, with 40 percent of cases occurring on devices with an authorized installation from unknown sources.
Also, some apps (like Fortnite or Genshin Impact) are distributed through their own installers, but even they don’t guarantee complete security. Xiaomi blocks such installations by default, and it’s not just a manufacturer’s whim – it’s a security measure.
⚠️ Note: If you have previously installed applications from.apk files, check your device for viruses using Google Play Protect or Malwarebytes before disabling unknown sources.
How to check if unknown sources are included on Xiaomi
Before you turn off the option, make sure it's actually active. In MIUI, there are two ways to do this:
- Through security settings: Go to Settings → Applications → Application Management → Settings (cog in the upper right) → Special access → Install unknown applications. This will show a list of programs that are allowed to install APK. If at least one application is allowed, the function is active.
- Attempt to install APK: Download any secure APK (for example, from the official APKMirror website) and try installing it. If the warning "Installation is blocked", then the global lock is already working. If the installation begins, unknown sources are turned on.
Some devices (especially those with MIUI 12 and older) may display a separate switch in Settings → Memory → Installation from unknown sources. If not, use the first method.
Step-by-step: how to disable unknown sources on Xiaomi
The process of disabling depends on the version of MIUI. Below is a universal algorithm that is suitable for most devices:
Method 1: Global Shutdown (for all applications)
- Open Settings (the gear icon on the main screen).
- Go to the Appendix section → Application management.
- Click on the icon. ⚙️ Settings (upper right corner).
- Select Special Access → Install Unknown Applications.
- In the list of applications, find those with the status of “Allowed” (most often it is the Browser, File Manager or Chrome).
- Click on the application and translate the slider to the position "Prohibit".
- Repeat step 6 for all applications on the list.
After that, no application will be able to install APK-If you try to open a file like this, the system will show an error: "Installation is blocked by the security settings».
Method 2: Disable via security settings (for older versions of MIUI)
On devices with MIUI 10–11 (e.g., Redmi Note 8 or Xiaomi Mi 9), the path may be different:
- Open the Settings → Memory.
- Scroll down and select Installation from unknown sources.
- Turn off the slider at the top of the screen.
If this item is not available, use Method 1 – it works on all versions.
Special access settings are open|All applications have the status of "Prohibit"|Attempted installation APK lock-in|No safety warnings in the notification curtain-->
Method 3: Reset all permissions (if the option is not disabled)
If you still have APK installation after completing the steps above, try resetting the permissions:
- Go to Settings. → Annexes → Application management → ⚙️ Settings → Resetting of application permits.
- Confirm the reset (this will not delete data, but will disable all special accesses, including APK installation).
⚠️ Note: After resetting permissions, some applications (such as instant messengers or banking programs) may request access to contacts, camera or location again.
How to prevent APK installation for specific applications
If you want to leave the option of installing an APK for one or two applications (like F-Droid) but block it for others, do the following:
- Follow the path from Method 1 to the Install Unknown Applications section.
- In the list, find the application you want to leave permission for (for example, F-Droid).
- Click on it and move the slider to the "Allow" position.
- For all other applications, set “Disallow”.
Thus, APK-The only way to install files is through the app you select, which is a compromise for users who sometimes need sideloading but want to minimize the risks.
| Annex | Recommended action | Reason. |
|---|---|---|
| Browser/Chrome | Banned | Frequently source malicious APKs through advertising |
| File manager | Banned | Can automatically offer the installation of downloaded files |
| Telegram | Banned | It is often used to distribute pirated software. |
| F-Droid | Allow (optional) | Official open source catalog with verified builds |
What if unknown sources are not turned off?
In rare cases, security settings may be blocked due to:
- 🔒 Administrator rights issued to malware.
- 🛠️ Custom firmware (such as LineageOS or Pixel Experience).
- 📱 Device policies (if the smartphone is linked to a corporate account).
Solutions for each case:
1. Malware with Administrator Rights
If the virus has received the device administrator privilege, it can block the change of settings.
- Go to Settings → Passwords and Security → Device Administrators.
- Uncheck any suspicious apps (if you don’t know what to disable, uncheck everything except Google Play Services and Mi Account).
- Try to turn off unknown sources again.
2. Custom firmware
On informal firmware (e.g. Xiaomi.eu), security settings may differ.
- Update the firmware to the latest version.
- Use the Magisk module to manage permissions (power users only).
3. Corporate policy
If the device is managed via Android Enterprise or Mi Work, some settings may be blocked by the administrator.
- Contact the IT-service of your organization.
- Use your personal smartphone to install unofficial APKs.
What if, after disabling unknown sources, APKs are still installed?
Additional security measures after disabling unknown sources
Disabling the installation from unknown sources is only the first step. To protect the device as much as possible, follow the following steps:
- 🛡️ Turn on Google Play Protect: Go to Google Play → Menus (☰) → Play Protect → Settings and activate “Device scanning for threats».
- 🔄 Update. MIUI and applications: Outdated versions of software contain vulnerabilities. Update the system through Settings → The phone. → Updating the system.
💡
If you frequently install an APK for testing, create a separate user profile on Android (Settings → System → Multiple users).
Frequent Mistakes and How to Avoid Them
When disabling unknown sources, users often face the following problems:
| Mistake. | Reason. | Decision |
|---|---|---|
| "Settings are not saved." | System cache or MIUI error | Clear the cache in Settings → Annexes → All applications → Settings (⚙️) → Clear the cache |
| “Not the ‘Installation of Unknown Applications’ clause” | Obsolete version of MIUI or regional firmware | Update the software or use global search in the settings for “unknown sources” |
| «APK set up ADB» | USB debugging enabled | Turn off Settings → About Phone → MIUI Version (7 times) → Developer Mode → Debugging by USB |
If you encounter another bug, check if it’s root rights or modified firmware, and in such cases, the standard security settings may not work.
💡
Even after disabling unknown sources, there is a risk of installing malware through vulnerabilities in your browser or messengers, regularly update applications and do not follow suspicious links.