FEATURE: Add global rate limit for anon searches (#10208)

app/controllers/search_controller.rb

@@ -159,7 +159,8 @@ class SearchController < ApplicationController
       if current_user.present?
         RateLimiter.new(current_user, "search-min", SiteSetting.rate_limit_search_user, 1.minute).performed!
       else
-        RateLimiter.new(nil, "search-min-#{request.remote_ip}", SiteSetting.rate_limit_search_anon, 1.minute).performed!
+        RateLimiter.new(nil, "search-min-#{request.remote_ip}", SiteSetting.rate_limit_search_anon_user, 1.minute).performed!
+        RateLimiter.new(nil, "search-min-anon-global", SiteSetting.rate_limit_search_anon_global, 1.minute).performed!
       end
     rescue RateLimiter::LimitExceeded => e
       return e

config/site_settings.yml

@@ -1548,7 +1548,10 @@ rate_limits:
   rate_limit_create_post: 5
   rate_limit_new_user_create_topic: 120
   rate_limit_new_user_create_post: 30
-  rate_limit_search_anon:
+  rate_limit_search_anon_global:
+    hidden: true
+    default: 150
+  rate_limit_search_anon_user:
     hidden: true
     default: 15
   rate_limit_search_user:

spec/requests/search_controller_spec.rb

@@ -183,7 +183,7 @@ describe SearchController do
     context 'rate limited' do
       before do
         SiteSetting.rate_limit_search_user = 3
-        SiteSetting.rate_limit_search_anon = 2
+        SiteSetting.rate_limit_search_anon_user = 2
       end
 
       it 'rate limits searches' do