diff --git a/api/preprints/serializers.py b/api/preprints/serializers.py
index 3936292b6cb..8fff1661199 100644
--- a/api/preprints/serializers.py
+++ b/api/preprints/serializers.py
@@ -297,10 +297,13 @@ def update(self, preprint, validated_data):
         save_preprint = False
         recently_published = False
 
+        status_changed = False
+
         primary_file = validated_data.pop('primary_file', None)
         if primary_file:
             self.set_field(preprint.set_primary_file, primary_file, auth)
             save_preprint = True
+            status_changed = True
 
         old_tags = set(preprint.tags.values_list('name', flat=True))
         if 'tags' in validated_data:
@@ -426,6 +429,10 @@ def update(self, preprint, validated_data):
         if save_preprint:
             preprint.save()
 
+        if status_changed:
+            preprint.status = 'waiting_for_moderation'
+            preprint.save()
+
         if recently_published:
             for author in preprint.contributors:
                 if author != auth.user:
diff --git a/api/preprints/views.py b/api/preprints/views.py
index 2f6bbad0480..8b72bef4ca7 100644
--- a/api/preprints/views.py
+++ b/api/preprints/views.py
@@ -6,7 +6,7 @@
 from rest_framework import permissions as drf_permissions
 
 from framework.auth.oauth_scopes import CoreScopes
-from osf.models import ReviewAction, Preprint, PreprintContributor
+from osf.models import ReviewAction, Preprint, PreprintContributor, PreprintLog
 from osf.utils.requests import check_select_for_update
 
 from api.actions.permissions import ReviewActionPermission
@@ -197,6 +197,35 @@ def get_parser_context(self, http_request):
         res['legacy_type_allowed'] = True
         return res
 
+    def perform_update(self, serializer):
+        instance = serializer.save()
+        request = self.request
+        auth = get_user_auth(request)
+
+        if 'primary_file' in request.data:
+            instance.set_primary_file(instance.primary_file, auth)
+            instance.add_log(
+                action=PreprintLog.FILE_UPDATED,
+                params={
+                    'preprint': instance._id,
+                    'file': instance.primary_file._id
+                },
+                auth=auth,
+            )
+
+        if 'is_published' in request.data:
+            published = request.data['is_published']
+            instance.set_published(published, auth)
+            if published:
+                instance.add_log(
+                    action=PreprintLog.PUBLISHED,
+                    params={'preprint': instance._id},
+                    auth=auth,
+                )
+                instance.notify_user_submitted(auth.user)
+
+        instance.save()
+
 
 class PreprintNodeRelationship(JSONAPIBaseView, generics.RetrieveUpdateAPIView, PreprintMixin):
     permission_classes = (