Off the top of my head there’s really no good ways to do it securely without compartmentalization, but there are more convenient methods than the ones I gave as an example.
Many VPN clients allow you to split tunnel and exclude apps from the VPN, so you could have Brave Browser going through a VPN and Firefox not going through a VPN (or, whatever), and then use each for different sites depending on need. Still compartmentalization though.
If you’re doing it on a router it is harder to bypass. This is why I don’t really like using VPNs on routers (or DNS-based ad blocking) unless you have to, it’s usually better to have a VPN (or adblocker) on each device.
Depending on your router you could probably set static routes to bypass the VPN connection for each individual IP address you want to whitelist.