Plugin Firewall AutoPilot Mode requirements and functionality:
BPS Pro Security Logging must be turned on.
WP Crons must be turned on|enabled|allowed.
The Plugin Firewall AutoPilot Mode has both Public (frontend non-admin) and Private (Admin backend) functionality. Plugin Firewall AutoPilot Mode whitelist rules will NOT be created until an Administrator logs into the website once and the next schedule AutoPilot Mode Cron has been run. The reason for this is if AutoPilot Mode was allowed to create Plugin Firewall whitelist rules by a non-admin|publicly|frontend then it could be exploited to create whitelist rules publicly in the Plugin Firewall by non-administrators. So in order for Plugin Firewall whitelist rules to be allowed to be created by AutoPilot Mode then you MUST login to the website once if you are installing or upgrading plugins remotely using MainWP (or other remote management plugins) and wait for the next scheduled AutoPilot Mode Cron to run. You can speed up this process by setting the AutoPilot Mode Cron check to 1 minute and then change the Cron setting to a different scheduled time or leave it at 1 minute.
Plugin Firewall AutoPilot Mode is a lightweight Cron check so no it does not require any significant resource usage.