FEATURE: Add global rate limit for anon searches (#10208)

FEATURE: Add global rate limit for anon searches (#10208)

diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb
index 6bfce11..d0dac30 100644
--- a/app/controllers/search_controller.rb
+++ b/app/controllers/search_controller.rb
@@ -159,7 +159,8 @@ class SearchController < ApplicationController
       if current_user.present?
         RateLimiter.new(current_user, "search-min", SiteSetting.rate_limit_search_user, 1.minute).performed!
       else
-        RateLimiter.new(nil, "search-min-#{request.remote_ip}", SiteSetting.rate_limit_search_anon, 1.minute).performed!
+        RateLimiter.new(nil, "search-min-#{request.remote_ip}", SiteSetting.rate_limit_search_anon_user, 1.minute).performed!
+        RateLimiter.new(nil, "search-min-anon-global", SiteSetting.rate_limit_search_anon_global, 1.minute).performed!
       end
     rescue RateLimiter::LimitExceeded => e
       return e
diff --git a/config/site_settings.yml b/config/site_settings.yml
index c0488ee..57a2c50 100644
--- a/config/site_settings.yml
+++ b/config/site_settings.yml
@@ -1548,7 +1548,10 @@ rate_limits:
   rate_limit_create_post: 5
   rate_limit_new_user_create_topic: 120
   rate_limit_new_user_create_post: 30
-  rate_limit_search_anon:
+  rate_limit_search_anon_global:
+    hidden: true
+    default: 150
+  rate_limit_search_anon_user:
     hidden: true
     default: 15
   rate_limit_search_user:
diff --git a/spec/requests/search_controller_spec.rb b/spec/requests/search_controller_spec.rb
index 044e741..8416ae4 100644
--- a/spec/requests/search_controller_spec.rb
+++ b/spec/requests/search_controller_spec.rb
@@ -183,7 +183,7 @@ describe SearchController do
     context 'rate limited' do
       before do
         SiteSetting.rate_limit_search_user = 3
-        SiteSetting.rate_limit_search_anon = 2
+        SiteSetting.rate_limit_search_anon_user = 2
       end
 
       it 'rate limits searches' do

GitHub sha: e866e3d6

This commit appears in #10208 which was merged by SamSaffron.

Thanks @Falco lets add a test for this new setting

1 Like

Done in DEV: Fix search rate limit tests

1 Like