Attempting to defeat browser fingerprinting (you can never be 100% sure you’ve defeated everything) without TOR is kind of an advanced subject, yeah, and one of which I have only shallow knowledge. A lot of it is Javascript-dependent, so allowing Javascript only on a whitelist basis should help (but is too tedious for a lot of people). Deliberately pissing in the pool by varying prominent identifiers like the User-Agent string should help. Canvas poisoning. Specialist browser extensions, some of which may be more effective than others. Running the blandest default-settings browser possible in the blandest possible default-settings environment (a container or live media inside a VM) could conceivably cause you to vanish into the noise, but may be highly inconvenient.

It’s worth considering who is likely to be interested in going to the trouble of browser fingerprinting in the first place. Small players have little use for the information and aren’t likely to accumulate enough to sell it for much money. So the problems are going to come from ad networks, large digital networks like Google and Meta/Facebook, possibly CDNs and service providers like Shopify if they think it’s worth their while, maybe some governments, and completely dishonest scam sites that think any money is good. Some of these can be avoided altogether if you work at it.