We used to have RT 4.4.3, MariaDB 5.5.68 and Sphinx 2.2.11 all running under CentOS 7, and we now have RT 5.0.3 with MariaDB 10.3.35 running under Alma Linux 8. So we are now using the native ‘mysql’ full-text search whereas we used to run with Sphinx. We have roughly 120K tickets and the RT5 database is about 22G on disk.
It works OK, but if someone does something stupid like searching for Content LIKE 'and' then no one can use RT for over 5 minutes (in fact anything up to 20 minutes depending on the query). The same query on RT4/Sphinx was almost instant, but didn’t return all tickets because of the MaxMatches=>10000 setting. Sadly the MaxMatches setting is Sphinx-specific and so doesn’t do anything on our RT5 instance.
Can anything be done to stop people from accidentally DOSing our RT server (short of going back to Sphinx, I guess)? Why is it so slow? (Searching for less common words has acceptable performance but is still usually slower than on RT4/Sphinx.)