In this SQLi blog the author says that to bypass a firewall at the server side you should add this line to your /etc/hosts file:
54.165.170.2 www.example.com
But doing so will only block my browser from viewing the website. How come it bypass the firewall at the server side?
Read the first paragraph from the firewall section of the blog post you refer to:
The first thing you should try when dealing with a firewall is see if you can find a misconfiguration in the setup. For most of these firewalls and CDN's you can access the unprotected website by visiting the original IP (which the firewall is standing in front of) and then using the original domain name as host value.
So in this example, you have a setup like this:
You <-> Firewall <-> Target server
example.com 54.165.170.2
Because of bad configuration, the server the firewall is protecting is accessible directly if you know its IP (54.165.170.2 in this case). By setting that line in the host file, all reqeusts to example.com goes to the target server instead of the firewall.
Off course, for this to work two things must be true:
