diff --git a/app.js b/app.js
index 047aa903..49d07b94 100644
--- a/app.js
+++ b/app.js
@@ -12,7 +12,7 @@ app.use( require('./middleware/jsonp') );
 var sanitisers = {};
 sanitisers.doc = require('./sanitiser/doc');
 sanitisers.suggest = require('./sanitiser/suggest');
-sanitisers.search = sanitisers.suggest;
+sanitisers.search = require('./sanitiser/search');
 sanitisers.coarse = require('./sanitiser/coarse');
 sanitisers.reverse = require('./sanitiser/reverse');
diff --git a/sanitiser/search.js b/sanitiser/search.js
new file mode 100644
index 00000000..1748846a
--- /dev/null
+++ b/sanitiser/search.js
@@ -0,0 +1,26 @@
+
+var logger = require('../src/logger'),
+ _sanitize = require('../sanitiser/_sanitize'),
+ sanitizers = {
+ input: require('../sanitiser/_input'),
+ size: require('../sanitiser/_size'),
+ layers: require('../sanitiser/_layers'),
+ latlonzoom: require('../sanitiser/_geo')
+ };
+
+var sanitize = function(req, cb) { _sanitize(req, sanitizers, cb); };
+
+// export sanitize for testing
+module.exports.sanitize = sanitize;
+
+// middleware
+module.exports.middleware = function( req, res, next ){
+ sanitize( req, function( err, clean ){
+ if( err ){
+ res.status(400); // 400 Bad Request
+ return next(err);
+ }
+ req.clean = clean;
+ next();
+ });
+};
diff --git a/sanitiser/suggest.js b/sanitiser/suggest.js
index 06288019..1897dcb8 100644
--- a/sanitiser/suggest.js
+++ b/sanitiser/suggest.js
@@ -5,7 +5,10 @@ var logger = require('../src/logger'),
 input: require('../sanitiser/_input'),
 size: require('../sanitiser/_size'),
 layers: require('../sanitiser/_layers'),
- latlonzoom: require('../sanitiser/_geo')
+ latlonzoom: function( req ) {
+ var geo = require('../sanitiser/_geo');
+ return geo(req, true);
+ }
 };
 var sanitize = function(req, cb) { _sanitize(req, sanitizers, cb); };
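Review bot: In the new `sanitiser/search.js`, `logger` is required but never used in the 26 added lines, and the file carries no comment saying how the search sanitiser differs from the suggest one it was split from. As far as the suggest.js hunk shows, the two setups are identical apart from the `latlonzoom` entry, so these are now two hand-maintained copies of an input-validation boundary, and a later validation fix can land in one and miss the other. I would start the declaration at `var _sanitize = require('../sanitiser/_sanitize'),` and add a header comment such as `// search: same sanitisers as suggest, but _geo is called without the extra argument suggest passes`. The middleware forwards the raw `err` to `next(err)` after setting 400; what the error handler returns to the client is not visible here and is worth confirming.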
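Review bot: The `latlonzoom` wrapper added in `sanitiser/suggest.js` calls `geo(req, true)` with a bare boolean and no comment, so a reader cannot tell from this file what the flag changes about lat/lon/zoom validation or why suggest and search now validate differently. Presumably it makes the geo parameters mandatory for suggest, but `_geo` is not shown in this diff, so the meaning should be stated next to the call. The `require('../sanitiser/_geo')` inside the function body is evaluated each time the sanitiser is invoked (served from the module cache after the first call) and reads better hoisted beside the other requires: `var geo = require('../sanitiser/_geo');` at the top, then `latlonzoom: function( req ) { return geo( req, true ); } // true: <meaning, confirm against _geo>`. The `sanitizers` object literal starts above the hunk, so the surrounding declaration is only partly visible.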