- 1 Install Recommended Free Plugins on Your Dashboard
- 2 Jetpack
- 3 Donations
- 4 WordPress CRM Integrations
- 5 Events
- 6 Forms
- 7 Social Media Integration
- 8 Improve the Admin
- 9 Accessibility
- 10 Ecommerce
- 11 Search & Filtering
- 12 Search Engine Optimization (SEO)
- 13 Visitor Statistics (Analytics)
- 14 Site Speed
- 15 Site Backups
- 16 Spam & Security
- 17 Still Looking?
Finding the right plugin is time-consuming and intimidating if you’ve never done it before. With years of WordPress experience and lessons learned the hard way, I hope this page saves you from that frustration.
This page contains recommendations for plugins in all the major categories that you’ll likely need when building a nonprofit website. Categories below each have a brief explanation and then one or just a few recommended plugins.
Install Recommended Free Plugins on Your Dashboard
You can see all the free plugins from this page directly on WordPress.org by visiting the NonprofitWP WordPress.org profile.
You can view the list directly in your WordPress dashboard (for quick installation), by going to Plugins > Add New, clicking on the “Favorites” tab, and entering “NonprofitWP”.
Jetpack* is easily one of the most popular plugins. Released by Automattic, Jetpack lets you use popular features from WordPress.com on your self-hosted WordPress site. Some of these features work straight out of the box, while others require that you connect your site to WordPress.com via a user account.
Not everyone will agree with me, but I think the quality, support, and usefulness of Jetpack outweighs any downsides. Jetpack replaces multiple plugins I’d need to otherwise install on each site, and I trust the author to maintain the plugin.
Jetpack comes with “modules,” so you can disable the parts of it you don’t want. You’ll find me referencing Jetpack modules throughout the rest of this page, and I install it on every site I build. I’d recommend you do the same.
For most nonprofits, accepting online donations is a huge reason to have a website.
Many organizations link from their website to a 3rd-party payment processing service like PayPal, Network for Good, Click & Pledge, Razoo, etc. That option is easy, cheap, and free of security concerns. This is way better than nothing, and it’s a great way to get started. For linking to PayPal, I often use the PayPal Donations plugin which helps you put the right PayPal button on any WordPress page.
When you’re ready to scale up, it’s even better to have your donation form directly embedded on your website. The new leading plugin for this task is Give. Give lets you embed simple donation forms directly on your site and process the credit card payments with PayPal (free) or Stripe, Authorize.net, Dwolla, and other services with paid add-ons.
If you already have Gravity Forms* (see “Forms”, below), consider using their add-ons for PayPal or Stripe for payment processing and make your custom form that way. This takes a bit more know-how, but it’s nice to handle all your forms—donations included—with a single plugin.
SSL for Secure Donations
If you’re asking people for their credit card information on your website, it’s a requirement that you have an “SSL certificate” to encrypt traffic between your service and the payment processor. SSL certificates can be purchased from most hosts. Once you have SSL setup, you’ll be able to access your website via “https” (e.g. https://example.org), which will display in the browser that the site is secure:
Some donation plugins will help you set up HTTPS while others may suggest you use a different plugin like WordPress HTTPS (SSL). Here’s the official WordPress documentation on setting up HTTPS.
Once you have your SSL certificate, consider activating HTTPS for your entire site! This gives people a little more trust of your site, protects other information people submit, protects your passwords and site administration, and gives you a small bump in the eyes of search engines. You can use a plugin like Really Simple SSL or do it yourself.
WordPress CRM Integrations
Taking data entered by a user and getting it into your CRM is a “holy grail” for many nonprofit sites. Unfortunately, there is no one-size-fits-all approach.
Routing Through a 3rd-Party
Instead of connecting a form directly to their CRM, many nonprofits choose to use a CRM-friendly third-party service like their donation processor, MailChimp, or Zapier to get data into their CRM. For example, many nonprofits will put a MailChimp subscription form on their website and then add all new subscribers to their Salesforce database. This can be cost-effective and fast way small nonprofits to get up and running.
It’s hard to be a direct connection though!
- We’ve had some success with the Gravity Forms Salesforce Add-on in conjunction with our favorite form plugin Gravity Forms, although it’s showing it’s age and is in need of a yet-to-come upgrade.
- Web-to-Lead for Salesforce plugin is good for extremely simple uses.
- Using a paid Zapier account with Gravity Forms’ Zapier add-on is a good option for more complicated sites.
- FormAssembly is a popular form-building service that can connect to Salesforce.
- Ninja Forms has a Salesforce Add-on though we’ve never used it.
Other CRM’s may have their own WordPress plugins or recommend a “Form as a Service” (FaaS) provider like FormAssembly that can help you get data from WordPress into your CRM. There are so many CRMs out there that making specific recommendations is impossible.
When it comes to working with CRMs, it’s most common to generate a form outside WordPress and then embed it on a WordPress page directly. This can be tricky, so stay patient, read the instructions three times before you start, and take advantages of your CRM’s support desk.
Whether you have a few fundraisers, dozens of classes, or monthly seminars, you probably need some way to handle events. Far and away, my favorite plugin for event management is The Events Calendar. The base plugin is free and does most of what you’d probably need, and their PRO version and add-ons provide advanced features like recurring events, community event submissions, and even Facebook event syncing. What’s more, the PRO version and all add-ons are free for most 501(c)(3)s! You’ll find that deal and more on the free WordPress and tech for nonprofits page.
The makers of The Events Calendar also just released a brand new plugin for Event Tickets. This free plugin enables RSVPs for any event or any other type of content. The free-for-nonprofit add-ons includes purchasable tickets.
Your website will probably have at least one form on the Contact page. (Thinking about just listing an email? I recommend both an email and a form.) Many nonprofits use additional forms, for instance to collect email addresses or build a list of interested volunteers.
For years, my go-to form plugin has been Gravity Forms*. This paid plugin is extremely powerful and comes with add-ons for connecting forms to a variety of 3rd-party sources like PayPal and MailChimp. You can also use Gravity Forms to collect payments, allow people to submit content to your website, conduct polls and surveys, set up website user accounts, and more. It’s pretty amazing.
For those needing a free, more-powerful form-building option, check out Ninja Forms (on WordPress.org) or Formidable. Both plugins offer PRO versions (Ninja Forms PRO / Formidable PRO) and add-ons (Ninja Forms Add-ons / Formidable Add-ons) similar to those in Gravity Forms.
There are tons of plugins to promote your social media profiles and website content. I find most to be a little overly aggressive for my tastes. I don’t always use all of these, but I tend to rely on Jetpack’s social media-related modules when I need these features:
- Sharing Buttons* – For visitors to share your website pages on their social media accounts
- Publicize* – Autopost your website updates directly to your social media profiles
- Extra Sidebar Widgets – Twitter, Facebook, and Google+ widgets to show your most-recent social activity along with a Social Media Icons widget
- “Open graph” or “Twitter Card” metadata* – This is hidden HTML that helps social sites know what title, description, and image to display when you share a link from your site. This information is automatically added to your site if you have “Publicize” or “Sharing Buttons” enabled. (The Yoast SEO plugin also adds these tags and, I think, does a better job.)
Improve the Admin
The admin of WordPress is great but there are lots of small things that are annoying, inconvenient, or just not the way you like it. Luckily, there are plenty of plugins that tweak the admin is ways that are useful. Here’s a list of some of my favorites with short descriptions of what they do. I install most of these on every site I build:
- Simple TinyMCE* – Streamline the text editor to keep it on a single line and encourage good formatting choices.
- Duplicate Post – If you find yourself needing to copy details from one post to another (like an event series or standardized page template), this lets you start from the copy of a previous page. Especially useful for events.
- WP Comment Humility* – Moves “Comments” to the “Posts” submenu where it makes more sense on most sites.
- Menu Humility* – Keeps large plugin’s settings pages at the bottom of the menu (where they should be!).
- Widget Visibility Module in Jetpack – If you need to display certain widgets on only some pages, this is the best plugin for the job.
- WP Help – Write custom documentation for your own website that gets displayed directly in the admin.
- Omnisearch Module in Jetpack – Creates an excellent full-admin search of all your content.
Making your site accessible, means doing your best to allow any person to use your site, regardless of how they access it and whatever their abilities. People with visual, hearing, motor, and cognitive impairments all especially benefit from accessibility.
There is no magic way for sites to be 100% accessible, but there are some plugins that can help you. Primarily, there is WP Accessibility*. This plugin provides a suite of tools to improve the accessibility of any site, particularly those not using a theme that is made accessible from the start. WP Accessibility automatically fixes some issues with WordPress and then gives you options for further improvements. I especially recommend you enable the following settings:
- Enable Skiplinks
- Remove target attribute from links
- Remove tabindex from focusable elements
- Add post title to “more” links
Plugin- and Theme-Specific Accessibility Improvements
There are also some great plugins that improve the accessibility of a specific plugin. For form plugins, there are both WCAG 2.0 form fields for Gravity Forms* and Contact Form 7: Accessible Defaults. Use the appropriate plugin if you install Gravity Forms* or the Contact Form 7 plugin, respectively.
If you use a Genesis theme, make sure you install Genesis Accessible. It is able to make a number of great, specific accessibility improvements. The Genesis Accessible Dropdown Menu will further improve your site.
If you want to sell anything on your site from, tshirts to document downloads, you’ll need a way to handle “ecommerce.” A good plugin will give you a shopping cart, checkout process, and management tools from stock tracking to pricing variations.
If you only need to sell digital products (like ebooks, documents, videos, etc.), then take a look at Easy Digital Downloads, an excellent plugin intended specifically for virtual products.
Both plugins are free for the basic version with dozens of paid “add-ons” available for advanced and niche features.
There are thousands of online stores that run on WordPress, but WordPress was not built to be a store. If the primary purpose of your site is a store or you have a very large or complex store, seriously consider using a service built intentionally for ecommerce. One of the best is Shopify.
Search & Filtering
WordPress’s search is notoriously bad. It only searches exact phrases and full words and then orders the results…by date. (What!?) It also doesn’t search things like excerpts or custom fields. That’s why having a good search plugin on even a moderate-size site is important.
Search Everything is easy to configure and handles searching more than just the body of your pages. For those needing more control and relevance-based search result ordering, there’s Relevanssi*. It’s not the easiest to configure but works well and all for free.
For a nicer, easier-to-set-up search plugin, consider the paid SearchWP plugin. It does most of what Relevanssi does but with a really nice settings page and excellent support. (I’ve used it many times!)
Finally, a text-box search field isn’t enough for sites with advanced content. For things like a resource library, list of locations, or user directory, you may want to be able to give users a “faceted search” with categories for narrowing the results. (This is what Amazon has in the left sidebar on the aforementioned list of blenders!) If that sounds useful, check out FacetWP.
Search Engine Optimization (SEO)
WordPress is pretty good for SEO out of the box, but if you find you need greater control over any of the following, you’ll want to consider using an SEO plugin:
- The way social media generates previews of links to your site.
- The title and description of your site displayed on search engine results pages (SERPs).
- The titles of your pages displayed in browser tabs/windows.
- Submitting your site to Google Search Console or Bing Webmaster tools and generating an “XML sitemap.”
If at least a few of those features sound useful, I recommend using Yoast SEO.* The plugin is free with paid upgrades for a premium version and special add-ons for video, news, “local,” and WooCommerce.
Visitor Statistics (Analytics)
Even if you don’t know what you want to know from them yet, you should be collecting visitor statistics on your site from the day you launch. These stats can tell you how people find your site (search, clicking links, etc.), what pages they look at, how long they stay, and much more.
The easiest way to get started with stats is via the Jetpack Site Stats module. It uses WordPress.com technology to track your site visitors and outputs your stats directly in your WordPress Dashboard.
Most people will be best served by the free service Google Analytics. Once you’ve signed up for Google Analytics, it’s easy to connect your site to the tracking service with Google Analytics by MonsterInsights* (formerly “by Yoast”). While many people could set this up without a plugin, I recommend using it for the following features:
- Easy setup
- Exclude logged-in user’s traffic from your reports
- Better tracking of downloaded files
- Basic stats available in the Dashboard with more available at google.com/analytics/.
Nobody likes to wait for a site to load, so you’ll want to try to make sure your site is as fast as possible.
Plugins can’t magically make every site fast, but most can help. Before you install either of these types of plugins, make sure that you’ve limited the number installed of plugins and picked a theme that provides as few options as possible.
“Caching” is a means of saving the result of certain time-intensive tasks for your server so they don’t have to repeat them for every website visitor. This can literally shave seconds off certain page loads when implemented properly.
When I can’t use a caching solution provided by my host (see below), I usually go to WP Super Cache. Expect to have to experiment with settings and possibly contact your host for a recommended configuration.
My host, SiteGround, offers its own custom caching plugin called SiteGround SuperCacher*. It works beautifully and is one of the reasons why I’ve loved my host ever since I moved to them. My other favorite host, WP Engine, doesn’t even require you to install a plugin, caching is just built in when you use them.
Content Delivery Networks (CDNs)
Even if you have caching setup, your server still needs to send lots of files to each website visitor. Content Delivery Networks (CDNs) allow you to speed up that process by having them send copies of your site’s files from their super-fast servers.
Jetpack offers its Photon module*, to speed up the loading of photos on your site. If you want a CDN for your entire site, check out CloudFlare. CloudFlare offers not just a CDN but also caching and even SSL for security.
It is crucial that you backup your site. Not doing so can result in the loss of hundreds of hours of work.
There are a bunch of backup plugins, so I only have experience with a few. That said, my go-to plugin is the paid BackupBuddy*. BackupBuddy stands out due to it’s ease of use for moving sites, useful server tools, and regular updates.
For a free alternative, consider BackWPup.
Unfortunately, there are times when backup plugins fail due to hosting restrictions or the size of your site. When that happens, it’s probably a sign you need a more robust solution. One service to consider is VaultPress from the makers of WordPress.com. VaultPress does live backups (i.e. you change something and it immediately backs up) to the cloud and works great. Recommended security service Sucuri* offers a similar backup service as an add-on to security subscriptions.
Finally, consider using a host with backups built in. Most hosts technically backup your site, but you should only use a host for backup if they specifically advertise that you can back up and restore your WordPress site easily. When I want that, I always turn to WP Engine. Not only can WP Engine both backup and restore your site with one click each, it comes with a fantastic “staging” feature to make a copy of your site for testing.
Spam & Security
Spam and security cause headaches, wasted time, and occasionally real problems for your organization. Doing your best to block them and then quickly clean up the few that get past is a key part of keeping a healthy site.
Comment Spam Blocking
To prevent comment spam, I recommend a combination of plugins: Cookies for Comments* and Akismet*. The first plugin blocks spam from submission while the second scans and spams any bad comments that get past the first.
You also want to try to prevent “bots” from hacking your site through known vulnerabilities in WordPress or plugins and via “brute force” attack son your login form (whereby a robot tries to guess your password). Most security plugins overlap quite a bit in what they do, so finding the perfect blend is a challenge. Personally, I combine the Protect module in Jetpack* with a paid Sucuri* plan.
Sucuri is fantastic because it actively scans your server for malicious files, monitors your WordPress installation for suspicious change, and includes unhacking your site for the cost of the service. Having the peace of mind that comes from that unhacking service is so valuable.
If you’re not quite sure of your needs, the right plugin, or something else, you can now ask Nonprofit WP for advice!