Umbraco 8.17.1, site is running fine but it seems to be racking up hundreds or even thousands of these Errors a day. Am I looking for illegal characters in an image name? Or where else should I be looking?

System.ArgumentException: Illegal characters in path.
   at System.Security.Permissions.FileIOPermission.CheckIllegalCharacters(String[] str, Boolean onlyCheckExtras)
   at System.Security.Permissions.FileIOPermission.AddPathList(FileIOPermissionAccess access, AccessControlActions control, String[] pathListOrig, Boolean checkForDuplicates, Boolean needFullPath, Boolean copyPathList)
   at System.Security.Permissions.FileIOPermission..ctor(FileIOPermissionAccess access, String path)
   at System.Web.InternalSecurityPermissions.PathDiscovery(String path)
   at System.Web.Hosting.HostingEnvironment.MapPath(VirtualPath virtualPath)
   at ImageProcessor.Web.HttpModules.ImageProcessingModule.<ProcessImageAsync>d__31.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   ----trimming----
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

While typing this message this afternoon I actually got 2 like this :

ImageProcessor.Common.Exceptions.ImageProcessingException: ProcessImageAsync 558 : The request /media/ykmlwb44/4-outlet-130l-red-low-res.jpg?fbclid=IwZXh0bgNhZW0CMTEAAR3fQ0xZ6tLYX6DrAtZbk4-zEUELr0Ukz3Ynt_XTvNmFkJZda55U0ZIbZ0Q_aem_9_jcDQogLzo7hF1E_uButQ could not be understood by the server due to malformed syntax.

I'm wondering if it's just someone spamming ImageProcessor along the lines of this: https://dev.to/skttl/stop-spammers-from-abusing-imageprocessor-to-flood-your-umbraco-8-logs-2c5m and if I'm safe enough to just filter them out of the logs. The site seems fine.

Sounds like a possibility

Exceptions are expensive and should be... exceptions. It's best to fix the error, rather than hide it. If these are legitimate requests, I recommend using a rewrite rule in IIS to remove the offending parameters from the query string. If they are not legitimate requests, I recommend using a a rewrite rule to kill the request altogether.

This is what the exception is, about 20 every minute, but I don't know where to investigate:

System.ArgumentException: Illegal characters in path.
   at System.Security.Permissions.FileIOPermission.CheckIllegalCharacters(String[] str, Boolean onlyCheckExtras)
   at System.Security.Permissions.FileIOPermission.AddPathList(FileIOPermissionAccess access, AccessControlActions control, String[] pathListOrig, Boolean checkForDuplicates, Boolean needFullPath, Boolean copyPathList)
   at System.Security.Permissions.FileIOPermission..ctor(FileIOPermissionAccess access, String path)
   at System.Web.InternalSecurityPermissions.PathDiscovery(String path)
   at System.Web.Hosting.HostingEnvironment.MapPath(VirtualPath virtualPath)
   at ImageProcessor.Web.HttpModules.ImageProcessingModule.<ProcessImageAsync>d__31.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Web.TaskAsyncHelper.EndTask(IAsyncResult ar)
   at System.Web.HttpApplication.AsyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Does

/media/ykmlwb44/4-outlet-130l-red-low-res.jpg

work?

I think the issue is that ImageProcessor assumes that all query string parameters are processing instructions and tries to parse them, but it doesn’t understand

fbclid

so it throws an exception. The parameter sound like something from Facebook so I’d add a rewrite rule removing it as Jason suggests

There were 2 errors with the fbclid, but they were once offs - mostly it's just thousands of what I posted above, with no indication of what image they're referring to.