Brut force or enumeration attack are not limited to login form. An easy way to fix this is to rate limit usage of your application. There are many solution out there to achieve that, in this post I show you how to do it with Symfony rate limiter component. I will also show you how to protect your server with long running task to avoid server overwhelming.