But there are some "proactive" DPIs that make a request themselves before letting you through. Would this protect against that? It's easy to set up a regular web server that would serve what everyone would see as an ordinary personal website, except when you make a request to a secret URL.
You could require authentication (and as other posters pointed out, make sure to spoof any wrong authentications for maximum deniability).
It is also simple to serve some pages over HTTP alongside the proxy functionality so that the server appears to be a typical web server. Just turn on mod_proxy_connect in addition to your existing httpd configuration if you use Apache for example.
I use this method on my domains, although I've never tried using it from within e.g. China
