Skip to content

readme.md

Latest commit

 

History

History
121 lines (89 loc) · 4.19 KB

readme.md

File metadata and controls

121 lines (89 loc) · 4.19 KB

🔐 Google Sheets SSL Expiry Checker — Secure PHP API + AppScript

📌 Description

Google Sheets SSL Expiry Checker is a secure, free, and lightweight solution for checking SSL certificate expiry dates directly inside Google Sheets.
It is built with Google Apps Script on the frontend and a PHP API (MODX or standalone) on the backend.

Manager-friendly — works directly in a Google Spreadsheet
Secure by design — HMAC signature, HTTPS-only, timestamp validation
Cache-enabled — reduces load and blocks spamming
Flexible backend — works with MODX or any PHP hosting
Free — no paid APIs or SaaS dependencies

🚨 The Problem

❌ Without this 💥 Issue
Manual SSL checks Time-consuming & error-prone
No centralized access Every manager does it differently
Public/free APIs Privacy concerns, rate limits
No caching Risk of overloading the server

🛠 How This Works

✅ Feature 🚀 Benefit
Google Apps Script UI in Sheets No extra training for managers
Secure PHP API endpoint Prevents unauthorized requests
HMAC SHA256 signature Ensures data integrity
Timestamp check Blocks replay attacks
MODX System Settings key storage Easy key rotation
File/socket SSL parsing Direct expiry date retrieval
Server-side caching Protects from overuse

⚙️ Installation & Usage

Backend (PHP API)

  1. Place the api.php script in your hosting root (can be MODX or pure PHP).
  2. If using MODX:
    • Create a System Setting named ssl_checker_api_key and set your secret key.
    • Ensure $modx->cacheManager is available for caching.
  3. If using standalone PHP:
    • Store $storedApiKey in a secure config file.
    • Replace MODX caching with file_put_contents() or any cache system.
  4. Serve API only over HTTPS.

Frontend (Google Sheets)

  1. Open your Google Sheet.
  2. Go to Extensions → Apps Script.
  3. Paste the provided Google Apps Script code.
  4. In the sheet, open the ⚙️ GM SCRIPTS menu and run SSL CHECKER.
  5. Enter:
    • API URL (https://yourdomain.com/api.php)
    • API Key (from backend)
    • Column with domains
    • Column to update with expiry dates
  6. Done ✅ — all expiry dates will be fetched securely.

🔒 Security Features

  • HTTPS-only — request rejected if not over TLS
  • HMAC SHA256 — verifies request authenticity
  • Timestamp validation (±30s) — blocks replay attacks
  • Server-side cache (60s default) — reduces load & spam
  • Minimal exposed surface — only one POST endpoint
  • Maxum post content size — is 500 KB

📈 Expected Results

  • 🕒 Saves hours — no manual SSL checks
  • 📊 Centralized view of certificate expiry dates
  • 🔐 No public API leakage
  • ⚡ Fast due to caching

📌 Tech Overview

Component Details
Language PHP 7+
Database MySQL / MariaDB (MODX) or none (standalone)
Frontend Google Apps Script
Security HMAC + HTTPS + Timestamp
Caching MODX CacheManager or custom
Compatibility Any HTTPS-enabled PHP hosting

💻 Tech Stack

PHP Google Sheets Google Apps Script MODX Security No Dependencies

📦 License

MIT — free to use, modify, and integrate.

⭐ If this tool saved you time — give it a star on GitHub and share with your colleagues!