I use tinyproxy and a second browser profile for bypassing my privacy VPN as needed on the web.
You can tweak that solution slightly to eliminate the need for a static WAN gateway with this:
Consider tinyproxy's listen, bind, and whitelist configuration carefully to avoid unexpected behaviour. You'll almost certainly need to whitelist CloudFlare in addition to your other sites since so many services are behind it for DDOS and scraper mitigation.