- caddy can do that with
basicauth
: https://caddyserver.com/docs/caddyfile/directives/basicauth - nginx can 100% do that because it has plugins for everything
- apache can probably do something like that
most reverse proxies have SSO tooling that you can set up pretty easily
But honestly, have you considered just using wireguard for these cases? It's much more secure if you just want a bunch of stuff hidden from the rest of the world
is this a joke? Is this a relative's work?