- Bug
- Resolution: Fixed
- Major
- 3.3.11, 3.3.12
- None
When you set a keyword limit for search, it only applies to queries whose keywords are separated by spaces. The limit can be bypassed by throwing off the keyword count with '+' instead of a space (or '-', or '|'), which allows visitors to run extremely large queries that may lock databases or even stall under-resourced servers (this happened to a site I manage this morning).
With a limit of 10...
"one two three four five six seven eight nine ten eleven twelve" --> not permitted
"one two three four five six seven eight nine ten+eleven+twelve" --> permitted
"one|two|three|four|five|six|seven|eight|nine|ten|eleven|twelve" --> permitted
"one two three four five six seven eight nine ten+eleven-thirteen" --> permitted
This can easily be solved by ensuring that '+', '|' and '-' are preceded by a space, so that terms are properly exploded and counted. The error would then be triggered whenever the count exceeds the set limit, and dangerous queries would be avoided.
This can be done in phpbb/search/fulltext_native.php: lines 286 to 302
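As an added illustration (not the reporter's code and not phpBB's own patch), the following Python puts the whitespace-only count beside a count that first splits out the operator characters, as proposed above. The queries are the ones quoted in the report; the function names are chosen here.

```python
import re

# phpBB's native search treats '+', '-' and '|' as prefixes that attach to
# the following term. A keyword limit that only splits on whitespace sees
# "ten+eleven+twelve" as a single keyword, which is the bypass described above.
OPERATORS = "+|-"


def naive_keyword_count(query: str) -> int:
    """Count keywords the way the bypassed check does: split on spaces only."""
    return len(query.split())


def normalize_operators(query: str) -> str:
    """Insert a space before any '+', '|' or '-' that is not already preceded
    by whitespace, so every operator-prefixed term stands on its own."""
    return re.sub(r"(?<!\s)([+|-])", r" \1", query)


def keyword_count(query: str) -> int:
    """Count terms after the operators have been split out.

    A bare operator with nothing after it (e.g. a trailing '+') is not a
    term, so it is ignored rather than counted.
    """
    terms = normalize_operators(query).split()
    return len([t for t in terms if t.strip(OPERATORS)])


def is_permitted(query: str, limit: int = 10) -> bool:
    """Apply the keyword limit to the corrected count."""
    return keyword_count(query) <= limit


if __name__ == "__main__":
    # Constructed from the examples in the report, limit of 10.
    for q in (
        "one two three four five six seven eight nine ten eleven twelve",
        "one two three four five six seven eight nine ten+eleven+twelve",
        "one|two|three|four|five|six|seven|eight|nine|ten|eleven|twelve",
        "one two three four five six seven eight nine ten+eleven-thirteen",
    ):
        print(naive_keyword_count(q), keyword_count(q), is_permitted(q))
```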