Small update:
I got the cron working by switching over to the system cron and disabling the internal WP cron (it wasn’t working because my unique setup is unable to send REST api requests to itself because my ISP provided router doesn’t support NAT loopback). I wrote something in docker to use a cronjob to wget from a container on the same network every 5 minutes.
I am now seeing that metrics are being regularly updated and the decisions are as well:
2025-03-27T21:25:00.277549+00:00|100|Now processing a bouncer request|{"type":"BOUNCER_CLIENT_REQUEST","method":"GET","endpoint":"/v1/decisions/stream","parameters":{"startup":"false","scopes":"ip,range"}}
2025-03-27T21:25:00.307687+00:00|200|Retrieved stream decisions|{"type":"LAPI_REM_STREAM_DECISIONS","startup":false,"filter":{"scopes":"ip,range"},"result":{"new":0,"deleted":0}}
I have not seen any alerts related to wordpress yet, but looking through my access logs, I also don’t see much suspicious activity lately, so it could be that no malicious activity is occurring yet.
I’ll keep an eye on things and update if I see anything working.