Quickly Install SSL on Your Website for Free with CloudFlare

It’s important to secure your payment pages with SSL to protect your user’s sensitive data during transmission. Sites with SSL are accessible with https:// in the url.

donorbox https seal

If you embed a Donorbox form in your website, the payment form itself is already SSL secured. However, also having the parent page SSL secured reduces the risks of being exposed to the man-in-the-middle attacks. Plus, if your visitors see the SSL lock on their browser, they would feel more secure about submitting their credit card info. Donorbox requires everyone who embeds their donation form to have their parent page SSL secured.

Thanks to CloudFlare, getting SSL on your site is easier than ever before. CloudFlare is a CDN service that helps your website load faster and provide a SSL security layer. They have a generous free plan that includes a SSL certificate.

To install CloudFlare CDN with SSL, follow these steps:

1. Sign up for an account on cloudflare.com

2. Add your domain name and follow their instructions. If you don’t need their pro features, you can pick their free plan.

cloudflare add domain

3. On your DNS registrar such as GoDaddy or Namecheap. Change the DNS servers to the ones provided by CloudFlare. Please note, this step may differ depending on your DNS configuration. Please defer to CloudFlare’s instruction.

change dns to cloudflare

Dns settings

Here are instruction to update your DNS server for GoDaddy, Namecheap, and Enom. This information should be widely available for any other domain registrar.

4. In around 15-30 minutes your site should work with https:// in the url!

Special thanks to Nate Clonch for this tip and CloudFlare for their great service.

PayPal Donations is Here

PayPal is the grandfather of internet payments system and quite an interesting one. Even though its checkout process could be faster, many donors are used to it. As as result, there are over 157 million PayPal users with their payment info conveniently saved on there. At DonorBox, we want donors to use using whatever payment method they feel most comfortable in. Thus, we are excited to have the option to accept PayPal donations.

To activate PayPal, simply enter your PayPal email under your organization account settings.

tumblr_inline_nmkbejn4271qzncms_250 (1)

Your donation data will still be collected just like a regular card donation.


Per popular request, we will be working on the ability to customize your email receipts. We are also looking at ways to cut transaction fees dramatically using direct bank transfers as an additional donation method.

If you have any questions or issues please don’t hesitate to contact us at support [at] donorbox.org

PS. We’re hip enough to be on Twitter (@donorbox). Hollar at us anytime.

On Fraud Prevention

Unfortunately, fraud is inevitable in online payments. It is less of a problem with donations, but chances are it may happen. Scammers use donation pages to test stolen credit cards. Oftentimes, the donation will have a gibberish email (eg. *protected email*) and have a low dollar amount ($0.50 – $1).  If you see suspicious donation from unknown sources, don’t worry, just take the following steps.

1. Try to email the suspicious donor. If the email bounced or they don’t respond, REFUND the donation. You may get hit with a $15 chargeback fee if you do not refund the transaction within 1-2 weeks. If the donation email or name is clearly fake, go ahead and refund the transaction right away.

2. If your donors are primarily in the USA, we would highly recommend turning on the billing zip code verification under your account settings. If your donors are mostly outside of the USA, it would be better not to turn on billing postal code verification. This is because cards outside of the US may not have their postal code info included.

3. We recently added a new a feature in the campaign editor to enforce a minimum donation amount. We recommend setting that to ~ $3. A higher charge amount will deter scammers from testing stolen cards.