All,

Just for full disclosure, the subreddit has been restricted for the time being while we add a few more mods to help build out the project.

Please send us a modmail with any questions or concerns.

It has been more than a day. Is it because my subreddit r/Wuhan_Flu is quarantined?

Just wanted to make sure this project is still active before adding it to our subreddit.

Many thanks to /u/req0 (creator and maintainer of publicmodlogs frontend, https://moddit.ffff00.news) for his help in making authentication work (it was a lot simpler than I had thought!). Please feel free to invite or re-invite the /u/publicmodlogs account as a moderator (with no permissions enabled!) at your leisure.

/u/Mumberthrax do you still have contact with the person admining that website?

Any help would be appreciated!

Apparently it's not been working for several days - last invite acceptance was around 18 days ago. It's been ages since I messed with python, and even when i made the script to begin with I was amazed it worked since i had no idea what I was doing - and I was happy to let it churn away doing its thing.

I thought maybe updating PRAW would resolve the issue, but instead it made the entire thing stop working completely - apparently the method i was using for authentication is deprecated and now it's more complicated and makes me a little @_@. I will try and figure out how to make it work, but i offer no guarantees. I'm probably not going to manually accept invites like before the script because that was maddening.

So if anyone has experience with using the reddit API etc. and wants to help, let me know.

edit: mfw typo in reddit post title >_>

Update 12/2/2019: with the help of /u/req0, everything appears to be working smoothly once again!

When I follow the link to my public modlogs, it's just a blank page signifying either no activity or not set up.

If I click to see the list of subreddits with public logs, it just spins.

Title.

For around a week(that we've noticed), the public mod logs have been not been working and a 404 error is returned.

when trying to visit the snew repository a message of "This repository has been disabled" is shown..

I sent a modmail to the mods of this sub a few days ago, but have not received a reply.

Anyone know what's going on?

A couple of days ago /u/publicmodlogs was suspended by the reddit admins, ostensibly over security concerns, asking for the password to be reset before it is restored. I saw the notification last night and today the account is re-enabled.

A consequence of this password change is that the API key that is normally used to access the moderation logs via /u/publicmodlogs has changed, so anyone who was using the old RSS and JSON urls will need new ones, and any frontends for the logs like Snew/Ceddit will need to update the key they use as well.

The old url would have been something like: http://www.reddit.com/r/YourSubredditNameHere/about/log/.rss?feed=c7b83b457469643f1912d5fee30e18dba808f351&user=publicmodlogs

The new one would be: http://www.reddit.com/r/YourSubredditNameHere/about/log/.rss?feed=7e9b27126097f51ae6c9cd5b049af34891da6ba6&user=publicmodlogs

the same for the JSON urls: https://www.reddit.com/r/YourSubredditNameHere/about/log/.json?feed=7e9b27126097f51ae6c9cd5b049af34891da6ba6&user=publicmodlogs

I've submitted a pull request to snew.github.io with the updated key https://github.com/snew/snew/pull/11 and it's just waiting for go1dfish to approve it. I've also sent him a message on Voat.

Right now the script I run which checks for moderation invitations and replies to them is disabled. I'll probably edit it to contain a direct link to the rss/json files until Snew is properly updated. If go1dfish doesn't get it working, I may just fork it and host on a new github.io page and include a link to that in my invite response messages.

If anyone wants to write some simpler method of updating the key for frontends, let me know.

tl;dr: account is restored, logs are technically accessible at the above link, and the popular snew/ceddit frontend should hopefully be working soon. if not, i'll fork it and I guess start sending messages to all the subreddits using /u/publicmodlogs with a working link.

Edit: go1dfish has merged the pull request so everything should be back to Norman. :^)

Edit2: bears mentioning, /u/publicmodlogs is not really unique or irreplaceable. any account can be used in this way, and existing frontends can be forked and reconfigured to use any other account which publishes their API key.

edit3: oops. thought i updated the login credentials on my script - turns out i hadn't. sorry for any delays in invite accepts!

Here is the full text of the message i received via email from contact@reddit, and via /r/reddit.com, which the curious can confirm by checking /u/publicmodlogs' mail inbox:

publicmodlogs

We're requiring some of our users to reset their passwords in light of recent

news of Internet security breaches.

As a precautionary measure, please reset your password here to continue using

your account: https://www.reddit.com/prefs/update

You will need to use the desktop site to do so if you are on mobile.

We recommend that you use long, complex passwords (at least 12 characters - a

short sentence works beautifully), and do not reuse your password on any other site.

We apologize for any inconvenience.

The Reddit Security Team

Upon logging on to the desktop version of the website, this notification was in the top section of the page:

Uh oh! We have suspended your account due to suspicious activity. Not to worry. You can continue using Reddit by resetting your password.

https://www.reddit.com/user/publicmodlogs/about.json

is_suspended: true

This might explain why mod log feeds are not working and returning

message: "Forbidden",
error: 403

The reason I ask is because if we remove content which doxxes someone, the information in the content will still be accessible. Seems like a killer flaw to me :(

(in the console)

The console says:

The resource at “https://www.reddit.com/api/v1/access_token” was blocked because tracking protection is enabled.

I have received several messages from different users asking if the moderators of /r/WikiLeaks have spoken to me about setting up /u/publicmodlogs for /r/WikiLeaks. One moderator has messaged me asking about an SSL issue on one frontend for the logs, and I replied to him personally several days ago. Today I sent modmail to /r/WikiLeaks containing a brief explanation of how the logs work, what frontends are available, and a link to the modintro document - just to make sure that the whole team is on the same page.

This is mostly in response to a perception that the moderator team may not all be on the same page about what /u/publicmodlogs is, and a perception that they may have been exposed to misinformation or FUD about the functionality or safety of /u/publicmodlogs (specifically that 1: reddit changed the manner of user authentication in such a way as to render the logs non-functional [false], 2: r.go1dfish.me is the only frontend, and it's SSL certificate expiring means that logs can't be used [false])

Here is the content of the mail I sent:

Hello. I'm the maintainer of /u/publicmodlogs. Several people have messaged me recently asking about your progress on publishing your moderation logs with /u/publicmodlogs, and one of your moderators messaged me several days ago asking for help. I responded to him, but wanted to make sure that you all have access to the same information. Here is a copypaste of my message to AssuredlyAThrowAway:

---

tl;dr: use https://ceddit.com/r/WikiLeaks/about/log#?theme=truereddit instead of r.go1dfish.me if you are concerned about the ssl certificate expiration.

---

invite /u/publicmodlogs as a moderator with all permissions disabled. logs will be generated/published by reddit at:

• https://www.reddit.com/r/WikiLeaks/about/log/.json?feed=c7b83b457469643f1912d5fee30e18dba808f351&user=publicmodlogs

• https://www.reddit.com/r/WikiLeaks/about/log/.rss?feed=c7b83b457469643f1912d5fee30e18dba808f351&user=publicmodlogs

Go1dfish has created the following free/open source frontends for the data - though anyone can do the same as the data is public:

• https://modlog.github.io/#/r/WikiLeaks

• https://r.go1dfish.me/r/WikiLeaks/about/log#?theme=truereddit

• https://ceddit.com/r/WikiLeaks/about/log#?theme=truereddit

Ceddit.com is the exact same as r.go1dfish.me and is maintained by go1dfish just under a different address, and it's ssl certificate has not expired. r.go1dfish.me still functions if you bypass the warning about ssl. modlog.github.io does not show the content of removed comments, is functionally equivalent to viewing the reddit rss feed.

As always, the most reliable source for the logs is going to be the JSON and RSS feeds straight from reddit itself rather than through any frontends for that data.

Regardless of the state of any frontends for the data, adding the account will enable your users to gain access to the content of the logs through the RSS and JSON data. If your goal is transparency, the RSS and JSON files are better than the complete opacity of doing nothing.

---

You can view my sort of standard intro doc here: https://www.reddit.com/r/publicmodlogs/wiki/modintro

As a reminder, a moderation team choosing not to publish their logs does not mean they do not necessarily value transparency (though not valuing transparency is a factor in choosing not to publish). Choosing not to use /u/publicmodlogs also does not necessarily mean a moderation team does not want transparency. There may be various legitimate reasons for choosing not to publish, or choosing not to publish via /u/publicmodlogs.

Chrome is reporting that the certificate for https://r.go1dfish.me is no longer valid. Returning error and have to manually choose to proceed.

You may or may not have noticed the past three to four days that /u/publicmodlogs has not been accepting invitations - this is because the automated script I have been running on my laptop was inactive while I wrestled with a windows 7 reinstall. It's a long and harrowing tale but suffice to say things should be more-or-less normal and invitations should be processed about once per hour as usual.

If your invitation to /u/publicmodlogs is not accepted for over a day, go ahead and send me a message at /u/Mumberthrax. :)

To anyone that was affected or anyone who is interested, I'd like to apologize for my extended absence, for not keeping up with invitations for /u/publicmodlogs.

I've had some serious anxiety issues over the past few months, coupled with some medical issues that really freaked me out and which were exacerbated by the anxiety. So reducing stress and doing only relaxing things - as best as I could - has been a priority for me. I should have said something, but my thoughts during these anxious moments are not entirely rational. I panic when I think about having disappointed someone, and it leads me to avoid dealing with it - and then that avoidance means that I've likely caused even more disappointment and so I get even more anxious when I think about facing those I've disappointed. It's really messed up and I should get it under control. That's more or less the explanation in a nutshell for my absence.

I see that I have a lot of mod invitations for /u/publicmodlogs. I'll get on that, accepting whichever ones are still active. It looks as though modlog.github.io is still working great, so thanks /u/go1dfish or whatever username you're going by these days.

Anyway, I'm sorry folks. If I can find a way of automating the invitation acceptance then this shouldn't happen again. If the reddit admins would just set up the public logs like they were going to years ago, this wouldn't even be an issue.

Of course, even without /u/publicmodlogs, any subreddit can duplicate this process. I've laid it all out in my other post exactly how this thing operates. It doesn't take any programming skill or anything, just normal reddit user skills.

- Mumberthrax

I can't see any of the modlogs anymore. Is there a technical issue causing this?

I've a trouble that I described here:

I moderate a subreddit that is considering adopting /r/publicmodlogs (in lieu of reddit implementing public modlogs in the code...), and the fact that it doesn't show removed comments or give any information about it is a showstopper.

I mean, having a public modlog invites scrutiny and discussion about every removal, which is disruptive enough; not being able to read the comments just makes it impossible to have an objective discussion about them!

Showing a reason would be the next best thing (perhaps somehow /r/publicmodlogs getting the reason from the toolbox). Ideally one would have both: /r/publicmodlogs showing the reason and the comment.

The toolbox can "load removed comments" on the modlog. Could /r/publicmodlogs do the same? Or show the reason for removal.

The short explanation is: this is a secure and trusted method to publish an unadulterated copy of any subreddit's moderation log, with no need to run a bot, no need to run any scripts. There are no security risks that I am aware of in the use of this method. The log that is produced looks something like this in its pure reddit-generated form: https://www.reddit.com/r/Morrowind/about/log/.rss?feed=c7b83b457469643f1912d5fee30e18dba808f351&user=publicmodlogs

The user /u/go1dfish has created a website that turns this data into something a little more readable, and with a longer history: https://modlog.github.io/#/r/Morrowind

To set it up, all one has to do is invite the account /u/publicmodlogs to be a moderator of a subreddit, granting it NO permissions. Then the log for your subreddit would probably be at this address: https://www.reddit.com/r/YourSubRedditNameHere/about/log/.rss?feed=c7b83b457469643f1912d5fee30e18dba808f351&user=publicmodlogs

and at https://modlog.github.io/#/r/YourSubRedditNameHere

In my opinion, public moderation logs are a boon to the cultivation of community/moderator trust. If the community can see on a reddit-originated moderation log (which is not susceptible to tampering by mods) that you aren't doing anything outside of the subreddit's rules and policies, then it will quell a lot of unwarranted witch hunting and drama. It isn't without its potential drama risks, and an official modlog that permits granular control and more meta-data (like rule citations) would be better, but so far in the subreddits I've seen with public logs there haven't been any issues that suggested the public logs were a mistake.

So here's the nitty gritty details: I apologize for the length, but i wanted to make sure to explain this as thoroughly as I could so there's no confusion.

This is the discussion I had recently on the topic that got some visibility: https://www.reddit.com/r/announcements/comments/35uyil/transparency_is_important_to_us_and_today_we_take/cr82jc8?context=3

There is an internet technology called RSS which people can subscribe to in order to view the latest headines, or latest content on a website. Lots of websites use it, and you can usually find the RSS feed on a site by looking for the little orange radio wave icon. For example, this is the feed from corbettreport.com. I personally use a program called RSSOwl to subscribe to feeds like this. It's nifty.

Reddit provides RSS feeds for most pages on the site. Here's the one for the front page of /r/pics: https://www.reddit.com/r/pics/.rss

It also provides RSS feeds for the comments on specific posts. Here's the feed for the currently stickied post on /r/TrueReddit: https://www.reddit.com/r/TrueReddit/comments/2rwbb4/please_support_revex_the_refined_rebirth_of/.rss

Reddit provides JSON files as well that contain essentially the same data. These are used by things like mobile apps. JSON files are much less readable in a web browser, but here's an example: https://www.reddit.com/r/TrueReddit/comments/2rwbb4/please_support_revex_the_refined_rebirth_of/.json

These are all public, and available to anyone, and they're super handy. As an additional nicety, reddit provides RSS and JSON files for individual users' information. So if you want to be able to access your reddit mail through an RSS reader, or want an app like RedReader on your phone to let you know when you've got mail, it can check those. This page in the preferences section shows you some of the feeds that are unique to your account: https://www.reddit.com/prefs/feeds/

Now these feeds do not require you to login with your password or username in order to view them. If you look at one of those links and see a string of mish-mashed letters and numbers, thats the part that identifies you. So long as nobody has that string of numbers but you, then you're the only one who can view those RSS and JSON pages. That's why the top of that page says to be careful about sharing them, because if it became public then people could read your reddit mail or see what posts you have upvoted.

Just like with being able to see an RSS feed for a specific post, moderators can see a feed for the various specific mod-only parts of a subreddit, like the moderation log, ban list, modqueue, modmail, reports, etc. If a moderator has permissions to view those things, then there is an RSS feed that they can use to see the data without logging in. If they don't have permission to access modmail for example, then even if you had their unique string of letters and numbers for the address, you couldn't see anything in the modmail for that subreddit.

So this is where the moderation log workaround comes in. If you have an account which has been made a moderator of a subreddit, but without any permissions to view ban lists or modmail or edit anything etc., it can access the moderation log and traffic stats and that is it. If you publish the link to that account's RSS feed for the moderation log, then anyone can view the log. Because that account doesn't have access to anything else on the subreddit, there's no risk in anything else being revealed publicly. So when i discovered this I set it up on /r/morrowind and /r/elderscrolls using an account /u/publicmodlogs which i don't use for anything else, so there's no concern about the fact that anyone can view its private mail or upvotes - because it just isn't used for anything other than accessing moderation logs.

Anyone can do this. But when I mentioned this to /u/go1dfish in the discussion i linked above, he created a website that takes the JSON version of the data from /u/publicmodlogs specifically and makes it into a version that is slightly easier on the eyes, that is, https://modlog.github.io. So while you could make your own account like I did with /u/publicmodlogs, it might be more convenient to just invite it since it's already setup with the github site and you don't have to worry about mucking with managing another account on your own.

Currently, all that I do when i get an invite to /u/publicmodlogs is I confirm that the account was given no permissions, then i edit this wiki page: https://www.reddit.com/r/publicmodlogs/wiki/index to include the subreddit, and send the subreddit mods a note confirming that it is setup and making sure they have a link to the public logs. The https://modlog.github.io website automatically updates its main list based on the content of that wiki page, though even if the wiki page doesn't contain the link, you can still access the logs if the /u/publicmodlogs account is a moderator of the subreddit, since it uses the JSON file directly.

And that's it! If I've said anything confusing or if you have any questions, please feel free to ask me about it. Thanks for taking the time to read this. There are currently existing options like /r/uncensorship which attempt to achieve similar results using bot accounts, and I think this one is superior only in the sense that it is basically impossible to claim that moderators are tampering with it, and the fact that it is dead simple to "set it and forget it".