How would you design a rate-limiting system for a critical API endpoint to prevent abuse while ensuring high availability?