Let's talk about the methods governments and ISPs around the world use to restrict access to the internet. First is DNS, second is Passive DPI, and the third is Active DPI. Thankfully, the first two are very easy and are the methods implemented for the vast majority of people suffering from censorship but from lack of awareness people continue to pay for VPN or simply don't use the sites they would otherwise. I will be explaining from my experience in Turkey, and giving examples out of it. There might be other factors affecting your access elsewhere, I don't know about them.

There are mainly 3 methods to get around the censorship so everyone should be able to get around it following this guide. For most, the first and second method will suffice.

First off, load up a banned site. Do you see a page appear that shows the site is banned or do you just get an error?

・Page Showing Court Order/Whatever: Change DNS 

・Error: Enable DNS-over-HTTPS

I would recommend Quad9 for both. They should take a minute to configure at most, look them up. DNS change should be from Windows itself, and DNS-over-HTTPS from Chrome/Firefox. 

Now, if you were part of the latter group that DNS-over-HTTPS didn't help, though luck. You still have some ways to get around it but it won't be as clean.

First to mention is Cloudflare. If Cloudflare has a server in your country too bad. They usually route the packets through government controlled servers so you won't have access to any page behind Cloudflare. There were methods in the past where you would put the IP of a server in a different country on your hosts as Cloudflare's IP address and it would work but they "fixed" it, so it's clear they are complacent. However there are usually alternatives or mirrors to Cloudflared sites, like nhentai to for nhentai net, sankaku for gelbooru, wayback machine for pastebin etc. If your government is incompetent like mine, 4chan should work, since they didn't ban the captcha domain which is the only thing entirely behind Cloudflare in 4chan.

Let's talk about active DPI; this is the method government uses which checks each connection to see suspicious links and IPs and block the connection if it turns out to be a banned. Thankfully however, their servers can't handle checking each packet so they only check the one at the forefront or a few more each time. The method to circumvent this is relatively simple, you send an extra few packets with each connection or change some of their headers to fool their servers into thinking the connection is not to a non-approved site.

The two most well-known software which let you do this are GoodbyeDPI and Zapret.

GoodbyeDPI takes only a few minutes to install, but only works on Windows. Zapret might take more than an hour but it is highly customizable and natively works on Linux, your router and admittedly android, though I couldn't figure out how that works. If you don't have any experience with Linux I would recommend GoodbyeDPI.

-Installation-

GoodbyeDPI:

1. Download the latest release from github.com/ValdikSS/GoodbyeDPI/releases
2. Double click 2_any_country.cmd or 2_any_country_dnsredir.cmd if you don't have DNS-over-HTTPS enabled.
3. Have fun with your government censorship free internet!

Zapret:

Personally I installed zapret on my router but the process should be largely the same on linux, other than being able to git clone and not having to use sftp. I am also writing entirely from memory so some commands might be somewhat wrong/give an error message so just comment about it if you come across such a thing. The order of doing things however should be unaffected.

1. Have linux or a non-TurkTelekom router that is OpenWRT compatible. openwrt.org/toh/start
2. Install OpenWRT and configure your WAN settings (PPPoE, VLAN ID 35 for Turkey)
3. Toggle off 'Use Advertised DNS' and put in 9.9.9.9 (Quad9)
4. Install luci-app-https-dns-proxy and configure accordingly
5. Code->Download ZIP github.com/bol-van/zapret
6. <opkg install unzip & opkg install openssh-sftp-server>
7. Install WinSCP and connect to your router
8. Put the zapret-master zip into tmp, or if you want to punish yourself extra harder learn how to install a usb device unto your router (like how I did it)
9. ssh into your router and run the command <cd /tmp/ & unzip zapret-master>
10. <cd /tmp/zapret-master/ & ./install\_easy.sh>
11. Follow as told in ./install\_easy.sh, make sure to select nftables
12. <cd /opt/zapret-master/ & ./blockcheck.sh>
13. Follow along in blockcheck.sh, keep in mind we don't have ipv6
14. At the end copy the tpws or nfqws settings that is said to work.
15. Enter config in /opt/zapret-master/ using WinSCP and change the settings that are under either tpws or nfqws, whichever one is said to work by blockcheck.sh
16. Restart your router
17. Now you have your internet free from government censorship network-wide ୧⁠(⁠＾⁠ ⁠〰⁠ ⁠＾⁠)⁠୨

Don't feel ashamed to ask any questions you might have!